createViewPermissionsToken()

API Stability Long-Term

The createViewPermissionsToken() GraphQL mutation field will create a view permission token to use with LogScale. The permissions will take effect across all of the views.

To change the permissions related to a view permissions token, use the updateViewPermissionsTokenPermissions() mutation. To delete a token, use the deleteToken() mutation.

Hide Query Example

Show View Permissions Query

To get a list of view permissions for , you could use the roles() query:

graphql

query {
     roles
       { totalResults,
         results { id, displayName, 
                   viewPermissions } 
        }
    }

For more information on access tokens of various types, see the Ingest Tokens documentation page. For information on user authorization, see the Manage Users and Permissions documentation page. You may also want to look at the Creating a Repository or View page for related information.

Syntax

graphql

createViewPermissionsToken(
      input: CreateViewPermissionsTokenInput!
   ): string

There is no special returned datatype for this mutation field.

Example

Below is an example of how this mutation field might be used:

Raw

graphql

mutation {
  createViewPermissionsToken(input:
        { name: "reader-token",
          expireAt: null,
          viewIds: [ "aK9GKAsTnMXfRxT8Fpecx3fX",
                     "N7t1bAn6xWMsWjVptueeNR16" ],
          permissions: [ ReadAccess ]
        } )
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  createViewPermissionsToken(input:
        { name: \"reader-token\",
          expireAt: null,
          viewIds: [ \"aK9GKAsTnMXfRxT8Fpecx3fX\",
                     \"N7t1bAn6xWMsWjVptueeNR16\" ],
          permissions: [ ReadAccess ]
        } )
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  createViewPermissionsToken(input:
        { name: \"reader-token\",
          expireAt: null,
          viewIds: [ \"aK9GKAsTnMXfRxT8Fpecx3fX\",
                     \"N7t1bAn6xWMsWjVptueeNR16\" ],
          permissions: [ ReadAccess ]
        } )
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  createViewPermissionsToken(input: ^
        { name: \"reader-token\", ^
          expireAt: null, ^
          viewIds: [ \"aK9GKAsTnMXfRxT8Fpecx3fX\", ^
                     \"N7t1bAn6xWMsWjVptueeNR16\" ], ^
          permissions: [ ReadAccess ] ^
        } ) ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  createViewPermissionsToken(input:
        { name: \"reader-token\",
          expireAt: null,
          viewIds: [ \"aK9GKAsTnMXfRxT8Fpecx3fX\",
                     \"N7t1bAn6xWMsWjVptueeNR16\" ],
          permissions: [ ReadAccess ]
        } )
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  createViewPermissionsToken(input:
        { name: \"reader-token\",
          expireAt: null,
          viewIds: [ \"aK9GKAsTnMXfRxT8Fpecx3fX\",
                     \"N7t1bAn6xWMsWjVptueeNR16\" ],
          permissions: [ ReadAccess ]
        } )
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  createViewPermissionsToken(input:
        { name: \"reader-token\",
          expireAt: null,
          viewIds: [ \"aK9GKAsTnMXfRxT8Fpecx3fX\",
                     \"N7t1bAn6xWMsWjVptueeNR16\" ],
          permissions: [ ReadAccess ]
        } )
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  createViewPermissionsToken(input:
        { name: \"reader-token\",
          expireAt: null,
          viewIds: [ \"aK9GKAsTnMXfRxT8Fpecx3fX\",
                     \"N7t1bAn6xWMsWjVptueeNR16\" ],
          permissions: [ ReadAccess ]
        } )
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Example Responses

Success (HTTP Response Code 200 OK)

json

{
  "data": {
    "createViewPermissionsToken": "ciQrkii7NJtUmtr6N8JQRoLCyuE4nKdT~06PKerqjTkLt6cITyDEvIHnYk82BgOOkof6NrMQMkFOX"
  }
}

Given Datatype

For this input datatype, you would provide the name of the token, a list of unique identifiers for the views, and a list of permissions. These are listed and explained, along with other parameters, in the table below:

Table: CreateViewPermissionsTokenInput

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Nov 29, 2024
expireAt	long		`Long-Term`	When the permission token will expire.
ipFilterId	string		`Long-Term`	The unique identifier of the IP filter.
name	string	yes	`Long-Term`	The name of the view permission token to create.
permissions	[Permission]	yes	`Long-Term`	A list of permissions related to the view that are granted. See Permission.
viewIds	[string]	yes	`Long-Term`	The unique identifiers for the views associated with the permission token.

Versions of this Page

GraphQL Mutations

GraphQL API Stability

GraphQL Queries

GraphQL Datatypes