Repository and View API Tokens
Repository and View API tokens enable granular API access to an individual repository or view. The API token is limited only to the repository where the API token is created, and to the corresponding permissions granted to that token.
Note
Repository and view are used interchangeably as are the token names. In the UI, the terms View Tokenand Repository Token may be used, but refer to the same object.
Data read access (including querying and searching the repository events)
Data management, such as data retention and deleting stored events
Searching repositories, including saved queries, sharing dashboards and connecting views
Ingest configuration, including the ability to create ingest tokens and parsers
Integrations, S3 archiving, event forwarding and managing packages
Triggers and actions such as scheduled searches and alerts
Repository tokens are managed from the Repository Settings page:
Creating Repository API Tokens
The following lists detail which functionality – and their corresponding pages – require which permission to use.