API Token List Resource¶
Added in 2.5
Manages the tokens used to access the API.
This resource allows callers to retrieve their list of tokens, register new tokens, delete old ones, and update information on existing tokens.
Details¶
Name | api_tokens |
URI | /api/users/{username}/api-tokens/ |
Token Policy ID | api_token |
HTTP Methods | |
Parent Resource | User Resource |
Child Resources | |
Anonymous Access | Yes, if anonymous site access is enabled |
Links¶
Name | Method | Resource |
---|---|---|
create | POST | API Token List Resource |
self | GET | API Token List Resource |
HTTP GET¶
Retrieves a list of API tokens belonging to a user.
If accessing this API on a Local Site, the results will be limited to those associated with that site.
This can only be accessed by the owner of the tokens, or superusers.
Request Parameters¶
counts-onlyBoolean | If specified, a single count field is returned with the number of results, instead of the results themselves. |
max-resultsInteger | The maximum number of results to return in this list. By default, this is 25. There is a hard limit of 200; if you need more than 200 results, you will need to make more than one request, using the “next” pagination link. |
startInteger | The 0-based index of the first result in the list. The start index is usually the previous start index plus the number of previous results. By default, this is 0. |
Errors¶
100 - Does Not ExistHTTP 404 - Not Found | Object does not exist |
101 - Permission DeniedHTTP 403 - Forbidden | You don’t have permission for this |
103 - Not Logged InHTTP 401 - Unauthorized | You are not logged in |
105 - Invalid Form DataHTTP 400 - Bad Request | One or more fields had errors |
112 - OAuth2 Missing Scope ErrorHTTP 403 - Forbidden | Your OAuth2 token lacks the necessary scopes for this request. |
113 - OAuth2 Access Denied ErrorHTTP 403 - Forbidden | OAuth2 token access for this resource is prohibited. |
HTTP POST¶
Registers a new API token.
The token value be generated and returned in the payload.
Callers are expected to provide a note and a policy.
Note that this may, in theory, fail due to too many token collisions. If that happens, please re-try the request.
Extra data can be stored later lookup. See Storing/Accessing Extra Data for more information.
Request Parameters¶
noteString | Required The note explaining the purpose of this token. |
policyString | Required The token access policy, encoded as a JSON string. |
Errors¶
100 - Does Not ExistHTTP 404 - Not Found | Object does not exist |
101 - Permission DeniedHTTP 403 - Forbidden | You don’t have permission for this |
103 - Not Logged InHTTP 401 - Unauthorized | You are not logged in |
105 - Invalid Form DataHTTP 400 - Bad Request | One or more fields had errors |
112 - OAuth2 Missing Scope ErrorHTTP 403 - Forbidden | Your OAuth2 token lacks the necessary scopes for this request. |
113 - OAuth2 Access Denied ErrorHTTP 403 - Forbidden | OAuth2 token access for this resource is prohibited. |
228 - Token Generation FailedHTTP 500 - Internal Server Error | There was an error generating the API token. Please try again. |
Examples¶
application/vnd.reviewboard.org.api-tokens+json¶
$ curl http://reviews.example.com/api/users/admin/api-tokens/ -H "Accept: application/json"
Vary: Accept, Cookie
Item-Content-Type: application/vnd.reviewboard.org.api-token+json
Content-Type: application/vnd.reviewboard.org.api-tokens+json
X-Content-Type-Options: nosniff
{
"api_tokens": [
{
"extra_data": {},
"id": 1,
"last_updated": "2014-07-08T10:58:04Z",
"links": {
"delete": {
"href": "http://reviews.example.com/api/users/admin/api-tokens/1/",
"method": "DELETE"
},
"self": {
"href": "http://reviews.example.com/api/users/admin/api-tokens/1/",
"method": "GET"
},
"update": {
"href": "http://reviews.example.com/api/users/admin/api-tokens/1/",
"method": "PUT"
}
},
"note": "This is my token for local testing.",
"policy": {
"perms": "rw"
},
"time_added": "2014-07-08T10:58:04Z",
"token": "709b0f04ccbd22dc2b16af8c286bcba75f31eb6d"
}
],
"links": {
"create": {
"href": "http://reviews.example.com/api/users/admin/api-tokens/",
"method": "POST"
},
"self": {
"href": "http://reviews.example.com/api/users/admin/api-tokens/",
"method": "GET"
}
},
"stat": "ok",
"total_results": 1
}