API Token List Resource¶

Added in 2.5

Manages the tokens used to access the API.

This resource allows callers to retrieve their list of tokens, register new tokens, delete old ones, and update information on existing tokens.

Details¶

Name	`api_tokens`
URI	`/api/users/{username}/api-tokens/`
Token Policy ID	`api_token`
HTTP Methods	GET - Retrieves a list of API tokens belonging to a user. POST - Registers a new API token.
Parent Resource	User Resource
Child Resources	API Token Resource

Links¶

Name	Method	Resource
create	POST	API Token List Resource
self	GET	API Token List Resource

HTTP GET¶

Retrieves a list of API tokens belonging to a user.

If accessing this API on a Local Site, the results will be limited to those associated with that site.

This can only be accessed by the owner of the tokens, or superusers.

Request Parameters¶

counts-onlyBoolean	If specified, a single `count` field is returned with the number of results, instead of the results themselves.
max-resultsInteger	The maximum number of results to return in this list. By default, this is 25. There is a hard limit of 200; if you need more than 200 results, you will need to make more than one request, using the “next” pagination link.
startInteger	The 0-based index of the first result in the list. The start index is usually the previous start index plus the number of previous results. By default, this is 0.

Errors¶

100 - Does Not ExistHTTP 404 - Not Found	Object does not exist
101 - Permission DeniedHTTP 403 - Forbidden	You don’t have permission for this
103 - Not Logged InHTTP 401 - Unauthorized	You are not logged in
105 - Invalid Form DataHTTP 400 - Bad Request	One or more fields had errors
112 - OAuth2 Missing Scope ErrorHTTP 403 - Forbidden	Your OAuth2 token lacks the necessary scopes for this request.
113 - OAuth2 Access Denied ErrorHTTP 403 - Forbidden	OAuth2 token access for this resource is prohibited.

HTTP POST¶

Registers a new API token.

The token value will be generated and returned in the payload.

Callers are expected to provide a note and a policy.

Note that this may, in theory, fail due to too many token collisions. If that happens, please re-try the request.

Extra data can be stored later lookup. See Storing/Accessing Extra Data for more information.

Request Parameters¶

noteString	Required The note explaining the purpose of this token.
policyString	Required The token access policy, encoded as a JSON string.
expires Nullable ISO 8601 Date/Time	The date and time that the token will expire.This must be a valid date/time format. Added in 5.0

Errors¶

100 - Does Not ExistHTTP 404 - Not Found	Object does not exist
101 - Permission DeniedHTTP 403 - Forbidden	You don’t have permission for this
103 - Not Logged InHTTP 401 - Unauthorized	You are not logged in
105 - Invalid Form DataHTTP 400 - Bad Request	One or more fields had errors
112 - OAuth2 Missing Scope ErrorHTTP 403 - Forbidden	Your OAuth2 token lacks the necessary scopes for this request.
113 - OAuth2 Access Denied ErrorHTTP 403 - Forbidden	OAuth2 token access for this resource is prohibited.
228 - Token Generation FailedHTTP 500 - Internal Server Error	There was an error generating the API token. Please try again.

Examples¶

application/vnd.reviewboard.org.api-tokens+json¶

$ curl https://reviews.example.com/api/users/admin/api-tokens/ -H "Accept: application/json"

HTTP 200 OK
Content-Length: 976
Content-Type: application/vnd.reviewboard.org.api-tokens+json
ETag: d591d0e30f3c20faf9b8141414e218b97827ae58
Item-Content-Type: application/vnd.reviewboard.org.api-token+json
Vary: Accept, Cookie
X-Content-Type-Options: nosniff

{
  "api_tokens": [
    {
      "deprecated": false,
      "expired": false,
      "expires": null,
      "extra_data": {},
      "id": 1,
      "invalid_date": null,
      "invalid_reason": "",
      "last_updated": "2014-07-08T10:58:04.652000+00:00",
      "last_used": null,
      "links": {
        "delete": {
          "href": "https://reviews.example.com/api/users/admin/api-tokens/1/",
          "method": "DELETE"
        },
        "self": {
          "href": "https://reviews.example.com/api/users/admin/api-tokens/1/",
          "method": "GET"
        },
        "update": {
          "href": "https://reviews.example.com/api/users/admin/api-tokens/1/",
          "method": "PUT"
        }
      },
      "note": "This is my token for local testing.",
      "policy": {
        "perms": "rw"
      },
      "time_added": "2014-07-08T10:58:04.652000+00:00",
      "token": "709b0f04ccbd22dc2b16af8c286bcba75f31eb6d",
      "token_generator_id": "",
      "valid": true
    }
  ],
  "links": {
    "create": {
      "href": "https://reviews.example.com/api/users/admin/api-tokens/",
      "method": "POST"
    },
    "self": {
      "href": "https://reviews.example.com/api/users/admin/api-tokens/",
      "method": "GET"
    }
  },
  "stat": "ok",
  "total_results": 1
}