Jump to >

API Token List Resource

Added in 2.5

Manages the tokens used to access the API.

This resource allows callers to retrieve their list of tokens, register new tokens, delete old ones, and update information on existing tokens.

Details

Name api_tokens
URI /api/users/{username}/api-tokens/
Token Policy ID api_token
HTTP Methods
  • GET - Retrieves a list of API tokens belonging to a user.
  • POST - Registers a new API token.
Parent Resource User Resource
Child Resources
Anonymous Access Yes, if anonymous site access is enabled

HTTP GET

Retrieves a list of API tokens belonging to a user.

If accessing this API on a Local Site, the results will be limited to those associated with that site.

This can only be accessed by the owner of the tokens, or superusers.

Request Parameters

counts-onlyBoolean If specified, a single count field is returned with the number of results, instead of the results themselves.
max-resultsInteger The maximum number of results to return in this list. By default, this is 25. There is a hard limit of 200; if you need more than 200 results, you will need to make more than one request, using the “next” pagination link.
startInteger The 0-based index of the first result in the list. The start index is usually the previous start index plus the number of previous results. By default, this is 0.

Errors

100 - Does Not ExistHTTP 404 - Not Found Object does not exist
101 - Permission DeniedHTTP 403 - Forbidden You don’t have permission for this
103 - Not Logged InHTTP 401 - Unauthorized You are not logged in
105 - Invalid Form DataHTTP 400 - Bad Request One or more fields had errors
112 - OAuth2 Missing Scope ErrorHTTP 403 - Forbidden Your OAuth2 token lacks the necessary scopes for this request.
113 - OAuth2 Access Denied ErrorHTTP 403 - Forbidden OAuth2 token access for this resource is prohibited.

HTTP POST

Registers a new API token.

The token value be generated and returned in the payload.

Callers are expected to provide a note and a policy.

Note that this may, in theory, fail due to too many token collisions. If that happens, please re-try the request.

Extra data can be stored later lookup. See Storing/Accessing Extra Data for more information.

Request Parameters

noteString Required

The note explaining the purpose of this token.

policyString Required

The token access policy, encoded as a JSON string.

Errors

100 - Does Not ExistHTTP 404 - Not Found Object does not exist
101 - Permission DeniedHTTP 403 - Forbidden You don’t have permission for this
103 - Not Logged InHTTP 401 - Unauthorized You are not logged in
105 - Invalid Form DataHTTP 400 - Bad Request One or more fields had errors
112 - OAuth2 Missing Scope ErrorHTTP 403 - Forbidden Your OAuth2 token lacks the necessary scopes for this request.
113 - OAuth2 Access Denied ErrorHTTP 403 - Forbidden OAuth2 token access for this resource is prohibited.
228 - Token Generation FailedHTTP 500 - Internal Server Error There was an error generating the API token. Please try again.

Examples

application/vnd.reviewboard.org.api-tokens+json

$ curl http://reviews.example.com/api/users/admin/api-tokens/ -H "Accept: application/json"
Vary: Accept, Cookie
Item-Content-Type: application/vnd.reviewboard.org.api-token+json
Content-Type: application/vnd.reviewboard.org.api-tokens+json
X-Content-Type-Options: nosniff
{
  "api_tokens": [
    {
      "extra_data": {}, 
      "id": 1, 
      "last_updated": "2014-07-08T10:58:04Z", 
      "links": {
        "delete": {
          "href": "http://reviews.example.com/api/users/admin/api-tokens/1/", 
          "method": "DELETE"
        }, 
        "self": {
          "href": "http://reviews.example.com/api/users/admin/api-tokens/1/", 
          "method": "GET"
        }, 
        "update": {
          "href": "http://reviews.example.com/api/users/admin/api-tokens/1/", 
          "method": "PUT"
        }
      }, 
      "note": "This is my token for local testing.", 
      "policy": {
        "perms": "rw"
      }, 
      "time_added": "2014-07-08T10:58:04Z", 
      "token": "709b0f04ccbd22dc2b16af8c286bcba75f31eb6d"
    }
  ], 
  "links": {
    "create": {
      "href": "http://reviews.example.com/api/users/admin/api-tokens/", 
      "method": "POST"
    }, 
    "self": {
      "href": "http://reviews.example.com/api/users/admin/api-tokens/", 
      "method": "GET"
    }
  }, 
  "stat": "ok", 
  "total_results": 1
}