# API 토큰

## 개요

다음 API 작업을 사용하여 [API 토큰](/ko/panther/api.md#how-to-create-a-panther-api-token) Panther에서. API 토큰은 다음을 사용하여 자체적으로 회전할 수 있습니다 `POST api-tokens/self/rotate` 엔드포인트.

API를 호출하려면 다음을 참조하세요. [Panther REST API를 사용하는 방법](/ko/panther/api/rest.md#how-to-use-the-panther-rest-api) 안내— [이 문서 페이지에서 직접 호출하는 방법에 대한 지침 포함](/ko/panther/api/rest.md#step-3-invoke-the-panther-rest-api).

## 필수 권한

* 에 대해 `GET` 작업을 수행하려면 API 토큰에 `API 토큰 정보 읽기` 권한이 있어야 합니다.
* 에 대해 `POST` 및 `DELETE` 작업을 수행하려면 API 토큰에 `API 토큰 관리` 권한이 있어야 합니다.

다음을 참조하세요 [콘솔과 API의 권한 이름](/ko/system-configuration/rbac.md#permission-names-in-the-console-and-api) 를 참조하세요.

## 작업

## POST /api-tokens

> Create an api token

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"api token","description":"The api token api handles all operations for api tokens"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"APITokenAPI.ModifyAPIToken":{"type":"object","properties":{"allowedCIDRBlocks":{"type":"array","items":{"type":"string"},"description":"The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed"},"name":{"type":"string","description":"The name of the token"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}}},"required":["name","permissions"]},"APITokenAPI.APIToken":{"type":"object","properties":{"allowedCIDRBlocks":{"type":"array","items":{"type":"string"},"description":"The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed"},"createdAt":{"type":"string","description":"Time when the API token was created"},"createdBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who created the token"},"expiresAt":{"type":"string","description":"Time when the API token will expire. Will be null if the token is non-expiring"},"id":{"type":"string","description":"The unique identifier of the token"},"lastUsedAt":{"type":"string","description":"The last time this token was used to authenticate"},"name":{"type":"string","description":"The name of the token"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"rotatedAt":{"type":"string","description":"Time when the API token was rotated"},"updatedAt":{"type":"string","description":"Time when the API token was updated"},"updatedBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who updated the token"},"value":{"type":"string","description":"The API token value, only populated during create and rotate actions"}},"required":["name","permissions","id","createdAt"]},"APITokenAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/api-tokens":{"post":{"tags":["api token"],"summary":"Create an api token","operationId":"api token#create","requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.ModifyAPIToken"}}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.APIToken"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.BadRequestError"}}}}}}}}}
```

## GET /api-tokens/{id}

> Get an api token

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"api token","description":"The api token api handles all operations for api tokens"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"APITokenAPI.APIToken":{"type":"object","properties":{"allowedCIDRBlocks":{"type":"array","items":{"type":"string"},"description":"The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed"},"createdAt":{"type":"string","description":"Time when the API token was created"},"createdBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who created the token"},"expiresAt":{"type":"string","description":"Time when the API token will expire. Will be null if the token is non-expiring"},"id":{"type":"string","description":"The unique identifier of the token"},"lastUsedAt":{"type":"string","description":"The last time this token was used to authenticate"},"name":{"type":"string","description":"The name of the token"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"rotatedAt":{"type":"string","description":"Time when the API token was rotated"},"updatedAt":{"type":"string","description":"Time when the API token was updated"},"updatedBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who updated the token"},"value":{"type":"string","description":"The API token value, only populated during create and rotate actions"}},"required":["name","permissions","id","createdAt"]},"APITokenAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"APITokenAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/api-tokens/{id}":{"get":{"tags":["api token"],"summary":"Get an api token","operationId":"api token#get","parameters":[{"name":"id","in":"path","description":"ID of the api token. Note: if self is provided, the current api token will be returned","required":true,"schema":{"type":"string","description":"ID of the api token. Note: if self is provided, the current api token will be returned"}}],"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.APIToken"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.BadRequestError"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.NotFoundError"}}}}}}}}}
```

## POST /api-tokens/{id}

> Update an api token

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"api token","description":"The api token api handles all operations for api tokens"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"APITokenAPI.ModifyAPIToken":{"type":"object","properties":{"allowedCIDRBlocks":{"type":"array","items":{"type":"string"},"description":"The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed"},"name":{"type":"string","description":"The name of the token"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}}},"required":["name","permissions"]},"APITokenAPI.APIToken":{"type":"object","properties":{"allowedCIDRBlocks":{"type":"array","items":{"type":"string"},"description":"The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed"},"createdAt":{"type":"string","description":"Time when the API token was created"},"createdBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who created the token"},"expiresAt":{"type":"string","description":"Time when the API token will expire. Will be null if the token is non-expiring"},"id":{"type":"string","description":"The unique identifier of the token"},"lastUsedAt":{"type":"string","description":"The last time this token was used to authenticate"},"name":{"type":"string","description":"The name of the token"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"rotatedAt":{"type":"string","description":"Time when the API token was rotated"},"updatedAt":{"type":"string","description":"Time when the API token was updated"},"updatedBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who updated the token"},"value":{"type":"string","description":"The API token value, only populated during create and rotate actions"}},"required":["name","permissions","id","createdAt"]},"APITokenAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"APITokenAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/api-tokens/{id}":{"post":{"tags":["api token"],"summary":"Update an api token","operationId":"api token#update","parameters":[{"name":"id","in":"path","description":"ID of the api token. Note: if self is provided, the current api token will be updated","required":true,"schema":{"type":"string","description":"ID of the api token. Note: if self is provided, the current api token will be updated"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.ModifyAPIToken"}}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.APIToken"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.BadRequestError"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.NotFoundError"}}}}}}}}}
```

## DELETE /api-tokens/{id}

> delete api token

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"api token","description":"The api token api handles all operations for api tokens"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"APITokenAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"APITokenAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/api-tokens/{id}":{"delete":{"tags":["api token"],"summary":"delete api token","operationId":"api token#delete","parameters":[{"name":"id","in":"path","description":"ID of the api token to delete. Note: if self is provided, the current api token will be deleted","required":true,"schema":{"type":"string","description":"ID of the api token to delete. Note: if self is provided, the current api token will be deleted"}}],"responses":{"204":{"description":"No Content response."},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.BadRequestError"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.NotFoundError"}}}}}}}}}
```

## GET /api-tokens

> List api tokens

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"api token","description":"The api token api handles all operations for api tokens"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"APITokenAPI.ListResp":{"type":"object","properties":{"next":{"type":"string","description":"Pagination token for the next page of results"},"results":{"type":"array","items":{"$ref":"#/components/schemas/APITokenAPI.APIToken"}}},"required":["results"]},"APITokenAPI.APIToken":{"type":"object","properties":{"allowedCIDRBlocks":{"type":"array","items":{"type":"string"},"description":"The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed"},"createdAt":{"type":"string","description":"Time when the API token was created"},"createdBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who created the token"},"expiresAt":{"type":"string","description":"Time when the API token will expire. Will be null if the token is non-expiring"},"id":{"type":"string","description":"The unique identifier of the token"},"lastUsedAt":{"type":"string","description":"The last time this token was used to authenticate"},"name":{"type":"string","description":"The name of the token"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"rotatedAt":{"type":"string","description":"Time when the API token was rotated"},"updatedAt":{"type":"string","description":"Time when the API token was updated"},"updatedBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who updated the token"},"value":{"type":"string","description":"The API token value, only populated during create and rotate actions"}},"required":["name","permissions","id","createdAt"]}}},"paths":{"/api-tokens":{"get":{"tags":["api token"],"summary":"List api tokens","operationId":"api token#list","responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.ListResp"}}}}}}}}}
```

## POST /api-tokens/{id}/rotate

> Rotate an api token. If self is provided the current token will be rotated

```json
{"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"api token","description":"The api token api handles all operations for api tokens"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"APITokenAPI.APIToken":{"type":"object","properties":{"allowedCIDRBlocks":{"type":"array","items":{"type":"string"},"description":"The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed"},"createdAt":{"type":"string","description":"Time when the API token was created"},"createdBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who created the token"},"expiresAt":{"type":"string","description":"Time when the API token will expire. Will be null if the token is non-expiring"},"id":{"type":"string","description":"The unique identifier of the token"},"lastUsedAt":{"type":"string","description":"The last time this token was used to authenticate"},"name":{"type":"string","description":"The name of the token"},"permissions":{"type":"array","items":{"type":"string","enum":["AIRunAsModify","AlertModify","AlertRead","BulkUpload","BulkUploadValidate","CloudsecSourceModify","CloudsecSourceRead","DataAnalyticsModify","DataAnalyticsRead","DestinationModify","DestinationRead","GeneralSettingsModify","GeneralSettingsRead","LogSourceModify","LogSourceRawDataRead","LogSourceRead","LookupModify","LookupRead","ManageAIResponses","ManageAISkills","McpServerModify","McpServerRead","NotificationsSend","OrganizationAPITokenModify","OrganizationAPITokenRead","PolicyModify","PolicyRead","ResourceModify","ResourceRead","RuleModify","RuleRead","RunPantherAI","SummaryRead","UserModify","UserRead","ViewAIPrivateResponses","ViewAISkills"]}},"rotatedAt":{"type":"string","description":"Time when the API token was rotated"},"updatedAt":{"type":"string","description":"Time when the API token was updated"},"updatedBy":{"type":"object","properties":{"id":{"type":"string","enum":["user","api-token","system"]},"type":{"type":"string"}},"description":"The actor who updated the token"},"value":{"type":"string","description":"The API token value, only populated during create and rotate actions"}},"required":["name","permissions","id","createdAt"]},"APITokenAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"APITokenAPI.ForbiddenErr":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"APITokenAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/api-tokens/{id}/rotate":{"post":{"tags":["api token"],"summary":"Rotate an api token. If self is provided the current token will be rotated","operationId":"api token#rotate","parameters":[{"name":"id","in":"path","description":"ID of the api token to rotate. Note: if self is provided, the current api token will be rotated","required":true,"schema":{"type":"string","description":"ID of the api token to rotate. Note: if self is provided, the current api token will be rotated"}}],"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.APIToken"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.BadRequestError"}}}},"403":{"description":"forbidden: Forbidden response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.ForbiddenErr"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/APITokenAPI.NotFoundError"}}}}}}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.panther.com/ko/panther/api/rest/api-tokens.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.