API Stability Long-Term

The createOrganizationPermissionsToken() GraphQL mutation field is used to create an organization permissions token for organizational-level access. As an alternative, you can use the createOrganizationPermissionsTokenV2(), which returns more than the token string.

To change the permissions related to an organization permissions token, use the updateOrganizationPermissionsTokenPermissions() mutation. To delete a token, use the deleteToken() mutation.

Hide Query Example

Show Tokens and Permissions Query

For more information on organization settings, see the Organization Settings documentation page. You may also want to look at the Manage Users and Permissions page for related information. For information on access tokens of various types, see the Ingest Tokens documentation page.

Syntax

graphql
createOrganizationPermissionsToken(
      input: CreateOrganizationPermissionTokenInput!
   ): string

Example

Below is an example of how this mutation field might be used:

Raw
graphql
mutation {
  createOrganizationPermissionsToken(input:
         {name: "key-people",
          expireAt: null,
          permissions: [ManageUsers, ViewFleetManagement, ChangeFleetManagement ]
        } )
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  createOrganizationPermissionsToken(input:
         {name: \"key-people\",
          expireAt: null,
          permissions: [ManageUsers, ViewFleetManagement, ChangeFleetManagement ]
        } )
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  createOrganizationPermissionsToken(input:
         {name: \"key-people\",
          expireAt: null,
          permissions: [ManageUsers, ViewFleetManagement, ChangeFleetManagement ]
        } )
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  createOrganizationPermissionsToken(input: ^
         {name: \"key-people\", ^
          expireAt: null, ^
          permissions: [ManageUsers, ViewFleetManagement, ChangeFleetManagement ] ^
        } ) ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  createOrganizationPermissionsToken(input:
         {name: \"key-people\",
          expireAt: null,
          permissions: [ManageUsers, ViewFleetManagement, ChangeFleetManagement ]
        } )
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  createOrganizationPermissionsToken(input:
         {name: \"key-people\",
          expireAt: null,
          permissions: [ManageUsers, ViewFleetManagement, ChangeFleetManagement ]
        } )
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  createOrganizationPermissionsToken(input:
         {name: \"key-people\",
          expireAt: null,
          permissions: [ManageUsers, ViewFleetManagement, ChangeFleetManagement ]
        } )
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  createOrganizationPermissionsToken(input:
         {name: \"key-people\",
          expireAt: null,
          permissions: [ManageUsers, ViewFleetManagement, ChangeFleetManagement ]
        } )
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "createOrganizationPermissionsToken": "odL25fMzpqOo03EpUzUiJUYdca47hXCQ~PmgMBNFdzt1oO6S9GLRLx2ViWimbBkekFgps8cEQIzX1"
  }
}

Given Datatype

For this input datatype, you would provide the name of the token, and a list of organization permissions. These are listed and explained, along with other parameters, in the table below:

Table: CreateOrganizationPermissionTokenInput

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 17, 2024
expireAtlong  Long-TermWhen the organization permission token will expire.
ipFilterIdstring  Long-TermThe unique identifier for the related IP filter.
namestringyes Long-TermThe name of the organization token.
permissions[OrganizationPermission]yes Long-TermA list of permissions for the organization. See OrganizationPermission.