Tokens in LogScale

LogScale supports a variety of different tokens that are used to provide API access to the different components of the system. A token uses a randomly generated sequence of characters that identifies the authority of a system or service to use a particular aspect of the LogScale instance.

Performing different actions, particularly through the API, is controlled through the API token. It is a combination of the type of API token and the individual permissions granted to it that allows or restricts access.

For example, to perform Organization level administration an Organization API token must be used. Having an Ingest Token or Repository API Token does not grant privileges to manage the organization. Conversely, data cannot be read or accessed using an Organization API Token, as these are only for managing your LogScale installation.

The basic model for the API Tokens and security architecture is shown in Figure 24, “API Token Architecture in LogScale”.

%%{init: {"flowchart": {"defaultRenderer": "elk"}} }%% graph LR; PT[Personal Token] subgraph Management_Tokens ["Management Tokens"] RT[Repo Token] ST[System Token] OT[Organization Token] end subgraph Permissions SP[System Permission] OP[Organization Permission] RP[Repo Permissions] end subgraph Resource RR[Repository] RO[Organization] RC[Cluster] end subgraph Roles RlR[Repository] RlO[Organization] RlC[Cluster] end %% Connections PT --> Roles SP <--> RlC RP <--> RlR OP <--> RlO RR <--> RP RO <--> OP RC <--> SP RT --> RR ST --> RC OT --> RO

Figure 24. API Token Architecture in LogScale

For more detailed information about each of the API token types, see API Tokens.

API tokens are governed by Security policies.

Ingest Tokens vs API Tokens

Ingest tokens are another type of token in LogScale, but they are not API tokens.

Ingest tokens are long-lived token strings that you can use to set up your ingestion pipeline in Falcon LogScale Collector or other log shippers. They serve to identify the repository, parser, and authority to send data for ingestion into LogScale.

Unlike API tokens, ingest tokens do not allow access to the API or to query data stored in repositories.

For more information, see Ingest Tokens.

Ephemeral User Tokens

An Ephemeral User Token is a special type of token. The ephemeralUserToken tokenType is used by LogScale when running a query or operation using an Organization Owned Query.

Self-Hosted Overview

Instance Administration

Query Administration

Configure Security

Authentication and identity providers

Other authentication methods

Cluster Management

Health Checks

Ingesting Data

Configuration Variables

LogScale URLs and Endpoints

Limits and Standards

Deployment Overview

Planning Your Deployment

Instance Sizing

Authentication and identity providers

Other authentication methods

Storage Architecture

Installing Using Containers

Installing On Bare Metal or Cloud Instance

Reference Architectures

Installing Load Balancers

Deploying Auxiliary Services

Configuration Settings

Managing Your Deployment

Testing Your Deployment

Humio Operator

Data Analysis Overview

LogScale Web Interface

Manage Repositories and Views

Manage Account

Parse Data

Search Data

Write Queries

Query Language Syntax

Query Joins and Lookups

Query Functions

Data Visualization

Automation

Template Language

Keyboard Shortcuts