API Tokens
Programmatic access to Kriten is provided via API tokens (keys). API tokens are generated per user and adhere RBAC rules.
To generate API token, a user need to have a valid login into Kriten. Following CRUD operations are available for the users:
- Add API token
Body of request:
API token object fields reference:
| Key | Description |
|---|---|
description |
(Optional) description of the API token |
enabled |
(Optional) state of the API token - true or false, if not specified default will be True |
expires |
(Optional) If not specified, will never expire - data will be defaulted to 0000-01-01 |
Response json body:
{
"id": "c38ef92a-522e-41bb-ae5b-ab29a16727d4",
"owner": "d9acf53d-6d9e-46ec-b352-2e99086ecb97",
"key": "kri_rbaurEcVyGJIjRioWIaiT3WteVh8ndlVQAEl",
"description": "My personal API Token",
"created_at": "2024-09-13T13:58:03.430602592Z",
"updated_at": "2024-09-13T13:58:03.430602592Z",
"expires": "2024-09-13T13:54:06.283Z",
"enabled": true
}
| Key | Description |
|---|---|
id |
Unique API token identifier, used for operations against token after creation |
key |
*API Token value |
owner |
User unique ID, owner of the token |
description |
Description of the API token |
enabled |
Token is enabled and can be used |
expires |
Expiry date and time |
created_at |
Date and time, when Token was created |
updated_at |
Date and time, when Token was last updated |
Content of field key is actual API Token only returned once at the time of Token creation. Token is automatically encryped at store and won't be shown again.
Example using API token with curl command:
- List API tokens
For non-admin user only own API tokens will be returned, if RBAC permissions not granted to get all.
Admin user will see all tokens by following query:
- Update API token
Update method can modify description, enabled and expires fields.
- Delete API token