List Personal Access Tokens
This gets a collection of personal access tokens associated with the optional owner-id
. query parameter. If the owner-id
query parameter is omitted, all personal access tokens for a tenant will be retrieved, but the caller must have the 'idn:all-personal-access-tokens:read' right.
Query Parameters
- owner-id string
The identity ID of the owner whose personal access tokens should be listed. If "me", the caller should have the following right: 'idn:my-personal-access-tokens:read' If an actual owner ID or if the
owner-id
parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. If the caller has the following right, then managed personal access tokens associated withowner-id
will be retrieved: 'idn:managed-personal-access-tokens:read'
- 200
- 400
- 401
- 403
- 429
- 500
List of personal access tokens.
- application/json
- Schema
- Example (from schema)
Schema array
- id string
The ID of the personal access token (to be used as the username for Basic Auth).
- name string
The name of the personal access token. Cannot be the same as other personal access tokens owned by a user.
- scope string[]
Scopes of the personal access token.
owner object
Details about the owner of the personal access token.
type stringPossible values: [
ACCOUNT_CORRELATION_CONFIG
,ACCESS_PROFILE
,ACCESS_REQUEST_APPROVAL
,ACCOUNT
,APPLICATION
,CAMPAIGN
,CAMPAIGN_FILTER
,CERTIFICATION
,CLUSTER
,CONNECTOR_SCHEMA
,ENTITLEMENT
,GOVERNANCE_GROUP
,IDENTITY
,IDENTITY_PROFILE
,IDENTITY_REQUEST
,LIFECYCLE_STATE
,PASSWORD_POLICY
,ROLE
,RULE
,SOD_POLICY
,SOURCE
,TAG_CATEGORY
,TASK_RESULT
,REPORT_RESULT
,SOD_VIOLATION
,ACCOUNT_ACTIVITY
]DTO type
id stringID of the object to which this reference applies
name stringHuman-readable display name of the object to which this reference applies
- created date-time
The date and time, down to the millisecond, when this personal access token was created.
- lastUsed date-time
The date and time, down to the millisecond, when this personal access token was last used to generate an access token. This timestamp does not get updated on every PAT usage, but only once a day. This property can be useful for identifying which PATs are no longer actively used and can be removed.
[
{
"id": "86f1dc6fe8f54414950454cbb11278fa",
"name": "NodeJS Integration",
"scope": [
"demo:personal-access-token-scope:first",
"demo:personal-access-token-scope:second"
],
"owner": {
"type": "IDENTITY",
"id": "2c91808568c529c60168cca6f90c1313",
"name": "William Wilson"
},
"created": "2017-07-11T18:45:37.098Z",
"lastUsed": "2017-07-11T18:45:37.098Z"
}
]
Client Error - Returned if the request body is invalid.
- application/json
- Schema
- Example (from schema)
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
- application/json
- Schema
- Example (from schema)
Schema
- error
A message describing the error
{
"error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
- application/json
- Schema
- Example (from schema)
- 403
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 403 response object
{
"detailCode": "403 Forbidden",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
}
]
}
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
- application/json
- Schema
- Example (from schema)
Schema
- message
A message describing the error
{
"message": " Rate Limit Exceeded "
}
Internal Server Error - Returned if there is an unexpected error.
- application/json
- Schema
- Example (from schema)
- 500
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 500 response object
{
"detailCode": "500.0 Internal Fault",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "An internal fault occurred."
}
]
}