createSystemPermissionsTokenV2()

Summary

The createSystemPermissionsTokenV2() GraphQL mutation is used to create a system permissions token with the specified permissions.

To change the permissions related to a system permissions token, use the updateSystemPermissionsTokenPermissions() mutation. To delete a token, use the deleteToken() mutation.

Hide Query Example

Show System Permissions Query

To get a list of system permissions for , you could use the roles() query:

graphql

query {
     roles
       { totalResults,
         results { id, displayName, 
                   systemPermissions } 
        }
    }

For more information on access tokens of various types, see the Ingest Tokens documentation page. For information on user authorization, see the Manage Users and Permissions documentation page.

API Stability Long-Term

Syntax

graphql

createSystemPermissionsTokenV2(
       input: CreateSystemPermissionTokenV2Input!
    ): CreateSystemPermissionsTokenV2Output!

For the input, you'll have to give the name of the token, and a list of system permissions. See the Input Parameters section for details.

For the results, you can get plenty on the system permissions. See the Returned Values section for what's available.

Example

Raw

graphql

mutation {
	createSystemPermissionsTokenV2( input:
	  { name: "my-token",
      systemPermissions: [ ViewOrganizations,
                           ManageOrganizations ]
    } )
  { token, tokenMetadata { name } }
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
	createSystemPermissionsTokenV2( input:
	  { name: \"my-token\",
      systemPermissions: [ ViewOrganizations,
                           ManageOrganizations ]
    } )
  { token, tokenMetadata { name } }
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
	createSystemPermissionsTokenV2( input:
	  { name: \"my-token\",
      systemPermissions: [ ViewOrganizations,
                           ManageOrganizations ]
    } )
  { token, tokenMetadata { name } }
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
	createSystemPermissionsTokenV2( input: ^
	  { name: \"my-token\", ^
      systemPermissions: [ ViewOrganizations, ^
                           ManageOrganizations ] ^
    } ) ^
  { token, tokenMetadata { name } } ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
	createSystemPermissionsTokenV2( input:
	  { name: \"my-token\",
      systemPermissions: [ ViewOrganizations,
                           ManageOrganizations ]
    } )
  { token, tokenMetadata { name } }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
	createSystemPermissionsTokenV2( input:
	  { name: \"my-token\",
      systemPermissions: [ ViewOrganizations,
                           ManageOrganizations ]
    } )
  { token, tokenMetadata { name } }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
	createSystemPermissionsTokenV2( input:
	  { name: \"my-token\",
      systemPermissions: [ ViewOrganizations,
                           ManageOrganizations ]
    } )
  { token, tokenMetadata { name } }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
	createSystemPermissionsTokenV2( input:
	  { name: \"my-token\",
      systemPermissions: [ ViewOrganizations,
                           ManageOrganizations ]
    } )
  { token, tokenMetadata { name } }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Example Responses

Success (HTTP Response Code 200 OK)

json

{
  "data": {
    "createSystemPermissionsTokenV2": {
      "token": "abc123",
      "tokenMetadata": {
        "name": "my-token"
      }
    }
  }
}

Input Parameters

For the input, you would provide the name of the token, and a list of system permissions. These are listed and explained, along with other parameters, in the table below:

Table: CreateSystemPermissionTokenV2Input Input Datatype

Parameter	Type	Required	Stability	Description
Some input parameters may be required, as indicated in the Required column. For return values, this indicates that you are assured a value if the field is requested for the results.
Table last updated: Feb 28, 2025
expireAt	long		`Long-Term`	The time at which the token expires.
ipFilterId	string		`Long-Term`	The unique identifier of the IP filter.
name	string	yes	`Long-Term`	The name of the token.
systemPermissions	[SystemPermission]	yes	`Long-Term`	A list of system permissions. See SystemPermission.

Returned Values

For the results, you can get a list of permissions, an IP filter, if there is one, that's used with the token, and other information. The table below contains some details:

Table: CreateSystemPermissionsTokenV2Output Datatype

Parameter	Type	Required	Stability	Description
Some input parameters may be required, as indicated in the Required column. For return values, this indicates that you are assured a value if the field is requested for the results.
Table last updated: Feb 28, 2025
token	string	yes	`Long-Term`	The system permissions token.
tokenMetadata	SystemPermissionsToken	yes	`Long-Term`	The token's metadata. See SystemPermissionsToken.

Versions of this Page

GraphQL Mutations

GraphQL API

GraphQL API Stability

GraphQL Queries

GraphQL Datatypes