APITokensResource
API reference for the API Tokens resource.
Methods
list
List all API tokens.
typescript
async list(): Promise<ListResponse<APIToken>>get
Get a single token by ID.
typescript
async get(id: string): Promise<APIToken>getResources
Get available API resources and their permissions.
typescript
async getResources(): Promise<{
resources: Array<{
id: string;
name: string;
description: string;
actions: string[];
}>;
}>createToken
Create a new API token (returns the token value only once).
typescript
async createToken(data: CreateAPITokenInput): Promise<{
success: boolean;
token: string;
details: APIToken;
}>Parameters:
typescript
interface CreateAPITokenInput {
name: string;
accessType: 'full' | 'granular';
permissions?: Array<{
resource: string;
actions: ('read' | 'write' | 'delete')[];
}>;
expiresAt?: string | null;
description?: string;
ipAllowlist?: string[];
}update
Update a token.
typescript
async update(id: string, data: UpdateAPITokenInput): Promise<APIToken>revoke
Revoke (delete) a token.
typescript
async revoke(id: string): Promise<void>Types
APIToken
typescript
interface APIToken {
id: string;
type: 'api_token';
name: string;
description?: string;
accessType: 'full' | 'granular';
permissions?: Array<{
resource: string;
actions: string[];
}>;
expiresAt?: Date | null;
lastUsedAt?: Date;
createdAt: Date;
updatedAt: Date;
}Example
typescript
// Create a granular token
const result = await client.apiTokens.createToken({
name: 'Read-Only Integration',
accessType: 'granular',
permissions: [
{ resource: 'risks', actions: ['read'] },
{ resource: 'assets', actions: ['read'] },
],
expiresAt: '2025-12-31',
});
// IMPORTANT: Save this token - it's only shown once!
console.log('Token:', result.token);