API Tokens
REST API operations for api tokens
Overview
Use these API operations to interact with API tokens in Panther. An API token can rotate itself using the POST api-tokens/self/rotate
endpoint.
To call the API, see the How to use the Panther REST API instructions—including directions for how to invoke it directly from this documentation page.
Required permissions
For
GET
operations, your API token must have theRead API Token Info
permission.For
POST
andDELETE
operations, your API token must have theManage API Tokens
permission.
Operations
The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed
The name of the token
OK response.
bad_request: Bad Request response.
POST /api-tokens HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 74
{
"allowedCIDRBlocks": [
"text"
],
"name": "text",
"permissions": [
"AlertModify"
]
}
{
"allowedCIDRBlocks": [
"text"
],
"createdAt": "text",
"createdBy": {
"id": "user",
"type": "text"
},
"expiresAt": "text",
"id": "text",
"lastUsedAt": "text",
"name": "text",
"permissions": [
"AlertModify"
],
"rotatedAt": "text",
"updatedAt": "text",
"updatedBy": {
"id": "user",
"type": "text"
},
"value": "text"
}
ID of the api token. Note: if self is provided, the current api token will be returned
OK response.
bad_request: Bad Request response.
not_found: Not Found response.
GET /api-tokens/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
{
"allowedCIDRBlocks": [
"text"
],
"createdAt": "text",
"createdBy": {
"id": "user",
"type": "text"
},
"expiresAt": "text",
"id": "text",
"lastUsedAt": "text",
"name": "text",
"permissions": [
"AlertModify"
],
"rotatedAt": "text",
"updatedAt": "text",
"updatedBy": {
"id": "user",
"type": "text"
},
"value": "text"
}
ID of the api token. Note: if self is provided, the current api token will be updated
The set of CIDR blocks that are allowed to use this API token. If empty, all CIDR blocks are allowed
The name of the token
OK response.
bad_request: Bad Request response.
not_found: Not Found response.
POST /api-tokens/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 74
{
"allowedCIDRBlocks": [
"text"
],
"name": "text",
"permissions": [
"AlertModify"
]
}
{
"allowedCIDRBlocks": [
"text"
],
"createdAt": "text",
"createdBy": {
"id": "user",
"type": "text"
},
"expiresAt": "text",
"id": "text",
"lastUsedAt": "text",
"name": "text",
"permissions": [
"AlertModify"
],
"rotatedAt": "text",
"updatedAt": "text",
"updatedBy": {
"id": "user",
"type": "text"
},
"value": "text"
}
ID of the api token to delete. Note: if self is provided, the current api token will be deleted
No Content response.
bad_request: Bad Request response.
not_found: Not Found response.
DELETE /api-tokens/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
No content
OK response.
GET /api-tokens HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
OK response.
{
"next": "text",
"results": [
{
"allowedCIDRBlocks": [
"text"
],
"createdAt": "text",
"createdBy": {
"id": "user",
"type": "text"
},
"expiresAt": "text",
"id": "text",
"lastUsedAt": "text",
"name": "text",
"permissions": [
"AlertModify"
],
"rotatedAt": "text",
"updatedAt": "text",
"updatedBy": {
"id": "user",
"type": "text"
},
"value": "text"
}
]
}
ID of the api token to rotate. Note: if self is provided, the current api token will be rotated
OK response.
bad_request: Bad Request response.
forbidden: Forbidden response.
not_found: Not Found response.
POST /api-tokens/{id}/rotate HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
{
"allowedCIDRBlocks": [
"text"
],
"createdAt": "text",
"createdBy": {
"id": "user",
"type": "text"
},
"expiresAt": "text",
"id": "text",
"lastUsedAt": "text",
"name": "text",
"permissions": [
"AlertModify"
],
"rotatedAt": "text",
"updatedAt": "text",
"updatedBy": {
"id": "user",
"type": "text"
},
"value": "text"
}
Last updated
Was this helpful?