List all tokens for the currently authorized account.
List all tokens for the currently authorized account. The tokens are returned in a paged format, with the default page size being 20. The maximum page size is 100.
query Parameters
limitHow many tokens to return at per page
offsetOffset to start listing the tokens from
guiFilter tokens based on GUI flag (true or false). Default is no value, i.e. no filtering and all tokens are returned.
sortComma-separated list of fields to sort by. Prefix with '+' for ascending or '-' for descending order. Supported fields: created_at, expires_at, last_used_at, name. Example: sort=+name,-created_at. If no prefix is given, descending is assumed. Follows OpenAPI collectionFormat 'csv'.
List all tokens for the currently authorized account. › Responses
A paged array of tokens
Paged list of tokens.
idUUID of the token
nameThe name of the token. Does not need to be unique.
created_atToken creation time.
expires_atThe requested expiry time of the token, in RFC3339 format (2025-10-12T07:20:50.52Z). Needs to be in the future and maximum of 1 year in the future.
last_used_atThe last time the token was used.
can_create_tokensWhether the token can create other tokens.
guiToken is for internal GUI use. Can not be used externally.
allowed_ip_rangesList of IP ranges that are allowed to authenticate with the token. Empty list denies access from everywhere. If unset, the default list will be the IP filters of the account. If no IP filters are defined for the account either, the default will be ["0.0.0.0/0", "::/0"], i.e. allow from any address.
Create a new API token.
Create a new API token. Maximum token validity is 24*365h=8760h (~1 year). Attribute allowed_ip_prefixes allows defining a list of CIDR/IP addresses from where the token is accepted. Empty list denies access from everywhere. If unset, the default list will be the IP filters of the account. If no IP filters are defined for the account either, the default will be ["0.0.0.0/0", "::0/0"], i.e. allow from any address.
Create a new API token. › Request Body
nameThe name of the token. Does not need to be unique.
expires_atThe requested expiry time of the token, in RFC3339 format (2025-10-12T07:20:50.52Z). Needs to be in the future and maximum of 1 year in the future.
expires_inThe requested duration until expiry of the token, e.g. '1h30min'. Needs to be a positive duration and maximum of 1 year. Can be used instead of expires_at. Supported units are 'h' for hours, 'm' for minutes and 's' for seconds.
can_create_tokensWhether the token can create other tokens.
guiToken is for internal GUI use. Can not be used externally.
allowed_ip_rangesList of IP ranges that are allowed to authenticate with the token. Empty list denies access from everywhere. If unset, the default list will be the IP filters of the account. If no IP filters are defined for the account either, the default will be ["0.0.0.0/0", "::/0"], i.e. allow from any address.
Decision Table
| Variant | Matching Criteria |
|---|---|
| requires: expires_at | |
| requires: expires_in |
expires_inCreate a new API token. › Responses
Token created successfully
idUUID of the token
nameThe name of the token. Does not need to be unique.
created_atToken creation time.
expires_atThe requested expiry time of the token, in RFC3339 format (2025-10-12T07:20:50.52Z). Needs to be in the future and maximum of 1 year in the future.
last_used_atThe last time the token was used.
can_create_tokensWhether the token can create other tokens.
guiToken is for internal GUI use. Can not be used externally.
allowed_ip_rangesList of IP ranges that are allowed to authenticate with the token. Empty list denies access from everywhere. If unset, the default list will be the IP filters of the account. If no IP filters are defined for the account either, the default will be ["0.0.0.0/0", "::/0"], i.e. allow from any address.
Get the details of a specific token.
path Parameters
token-uuidThe uuid of the token to get
Responses
Details of the token
idUUID of the token
nameThe name of the token. Does not need to be unique.
created_atToken creation time.
expires_atThe requested expiry time of the token, in RFC3339 format (2025-10-12T07:20:50.52Z). Needs to be in the future and maximum of 1 year in the future.
last_used_atThe last time the token was used.
can_create_tokensWhether the token can create other tokens.
guiToken is for internal GUI use. Can not be used externally.
allowed_ip_rangesList of IP ranges that are allowed to authenticate with the token. Empty list denies access from everywhere. If unset, the default list will be the IP filters of the account. If no IP filters are defined for the account either, the default will be ["0.0.0.0/0", "::/0"], i.e. allow from any address.