API Tokens

REST API operations for api tokens

Overview

The /api-tokens REST API operations are in open beta starting with Panther version 1.112, and are available to all customers. Please share any bug reports and feature requests with your Panther support team.

Use these API operations to interact with API tokens in Panther. An API token can rotate itself using the POST api-tokens/self/rotate endpoint.

To call the API, see the How to use the Panther REST API instructions—including directions for how to invoke it directly from this documentation page.

Required permissions

  • For GET operations, your API token must have the Read API Token Info permission.

  • For POST and DELETE operations, your API token must have the Manage API Tokens permission.

Operations

Create an api token

post
Authorizations
Body
allowedCIDRBlocksstring[]Optional

The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed

namestringRequired

The name of the token

Responses
200
OK response.
application/json
post
POST /api-tokens HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 74

{
  "allowedCIDRBlocks": [
    "text"
  ],
  "name": "text",
  "permissions": [
    "AlertModify"
  ]
}
{
  "allowedCIDRBlocks": [
    "text"
  ],
  "createdAt": "text",
  "createdBy": {
    "id": "user",
    "type": "text"
  },
  "expiresAt": "text",
  "id": "text",
  "lastUsedAt": "text",
  "name": "text",
  "permissions": [
    "AlertModify"
  ],
  "rotatedAt": "text",
  "updatedAt": "text",
  "updatedBy": {
    "id": "user",
    "type": "text"
  },
  "value": "text"
}

Get an api token

get
Authorizations
Path parameters
idstringRequired

ID of the api token. Note: if self is provided, the current api token will be returned

Responses
200
OK response.
application/json
get
GET /api-tokens/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
{
  "allowedCIDRBlocks": [
    "text"
  ],
  "createdAt": "text",
  "createdBy": {
    "id": "user",
    "type": "text"
  },
  "expiresAt": "text",
  "id": "text",
  "lastUsedAt": "text",
  "name": "text",
  "permissions": [
    "AlertModify"
  ],
  "rotatedAt": "text",
  "updatedAt": "text",
  "updatedBy": {
    "id": "user",
    "type": "text"
  },
  "value": "text"
}

Update an api token

post
Authorizations
Path parameters
idstringRequired

ID of the api token. Note: if self is provided, the current api token will be updated

Body
allowedCIDRBlocksstring[]Optional

The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed

namestringRequired

The name of the token

Responses
200
OK response.
application/json
post
POST /api-tokens/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 74

{
  "allowedCIDRBlocks": [
    "text"
  ],
  "name": "text",
  "permissions": [
    "AlertModify"
  ]
}
{
  "allowedCIDRBlocks": [
    "text"
  ],
  "createdAt": "text",
  "createdBy": {
    "id": "user",
    "type": "text"
  },
  "expiresAt": "text",
  "id": "text",
  "lastUsedAt": "text",
  "name": "text",
  "permissions": [
    "AlertModify"
  ],
  "rotatedAt": "text",
  "updatedAt": "text",
  "updatedBy": {
    "id": "user",
    "type": "text"
  },
  "value": "text"
}

delete api token

delete
Authorizations
Path parameters
idstringRequired

ID of the api token to delete. Note: if self is provided, the current api token will be deleted

Responses
204
No Content response.
delete
DELETE /api-tokens/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

No content

List api tokens

get
Authorizations
Responses
200
OK response.
application/json
get
GET /api-tokens HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
200

OK response.

{
  "next": "text",
  "results": [
    {
      "allowedCIDRBlocks": [
        "text"
      ],
      "createdAt": "text",
      "createdBy": {
        "id": "user",
        "type": "text"
      },
      "expiresAt": "text",
      "id": "text",
      "lastUsedAt": "text",
      "name": "text",
      "permissions": [
        "AlertModify"
      ],
      "rotatedAt": "text",
      "updatedAt": "text",
      "updatedBy": {
        "id": "user",
        "type": "text"
      },
      "value": "text"
    }
  ]
}

Rotate an api token. If self is provided the current token will be rotated

post
Authorizations
Path parameters
idstringRequired

ID of the api token to rotate. Note: if self is provided, the current api token will be rotated

Responses
200
OK response.
application/json
post
POST /api-tokens/{id}/rotate HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
{
  "allowedCIDRBlocks": [
    "text"
  ],
  "createdAt": "text",
  "createdBy": {
    "id": "user",
    "type": "text"
  },
  "expiresAt": "text",
  "id": "text",
  "lastUsedAt": "text",
  "name": "text",
  "permissions": [
    "AlertModify"
  ],
  "rotatedAt": "text",
  "updatedAt": "text",
  "updatedBy": {
    "id": "user",
    "type": "text"
  },
  "value": "text"
}

Last updated

Was this helpful?