Skip to main content

Manage your API tokens

You can use API tokens to authenticate and authorize access to the Chef 360 Platform APIs.

Create an API token

You can create a new API token.

  • To create a new API token for the current user, use the user-account self create-token:

    chef-platform-auth-cli user-account self create-token --body '{
"name": "<TOKEN_NAME>",
"expiration": "<EXPIRATION>"
}'  --profile <PROFILE_NAME>

    Replace:

    • <PROFILE_NAME> with the profile associated with the new API token.
    • <TOKEN_NAME> with a name for the token
    • <EXPIRATION> with the expiration date. For example 2024-12-31T11:42:23-05:00. The default value is 30 days.

    The response is similar to the following example. Save the accessKey and secretKey values.

     {
  "item": {
    "accessKey": "0W19CFGHOGLBFMYMF9M3",
    "expiration": "2024-08-30T14:09:30.473701926Z",
    "id": "f0461dc3-d9ff-484e-b254-559ac415e45c",
    "name": "user",
    "role": {
      "id": "ff808dde-da38-41d2-bd2c-3202fcbb9166",
      "name": "org-admin"
    },
    "secretKey": "ZIjWInLXPs79IVpmj3bveQpn10sC0jPca0uCOoyG"
  }
}

List your API tokens

You can list all your tokens for the current organization.

  • To list all your API tokens, use the user-account self list-tokens:

    chef-platform-auth-cli user-account self list-tokens --profile <PROFILE_NAME>

Delete an API token

You can delete an API token.

  • To delete one of your API tokens, use the user-account self delete-token:

    chef-platform-auth-cli user-account self delete-token --tokenId "<TOKEN_ID>" --profile <PROFILE_NAME>

    Replace:

    • <PROFILE_NAME> with the profile associated with the new API token
    • <TOKEN_ID> with the token ID

    All active sessions associated with the deleted token are blocked after the token is deleted.

Revoke an API token

You can revoke one of you API tokens, which immediately expires but doesn’t delete an API token.

  • To revoke one of your API tokens, use the user-account self revoke-token

    chef-platform-auth-cli user-account self revoke-token --tokenId "<TOKEN_ID>" --profile <PROFILE_NAME>

    Replace:

    • <PROFILE_NAME> with the profile associated with the new API token.
    • <TOKEN_ID> with the tokenID

    All active sessions belonging to the revoked token are blocked after API token is revoked.

Thank you for your feedback!

×