API Stability Long-Term

The tokens() GraphQL query returns paginated search results for tokens.

For more information on access tokens of various types, see the Ingest Tokens documentation page.

Syntax

Below is the syntax for the tokens() query field:

graphql
tokens(
     searchFilter: string
     typeFilter: [Tokens__Type]
     parentEntityIdFilter: [string]
     sortBy: Tokens__SortBy!
     orderBy: OrderBy
     skip: integer
     limit: integer
   ): TokenQueryResultSet!

Below is an example of how this query field might be used:

Raw
graphql
query {
  tokens(sortBy: Name, orderBy: ASC)
        { totalResults, 
          results{name, expireAt} }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
  tokens(sortBy: Name, orderBy: ASC)
        { totalResults, 
          results{name, expireAt} }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
  tokens(sortBy: Name, orderBy: ASC)
        { totalResults, 
          results{name, expireAt} }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "query { ^
  tokens(sortBy: Name, orderBy: ASC) ^
        { totalResults,  ^
          results{name, expireAt} } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "query {
  tokens(sortBy: Name, orderBy: ASC)
        { totalResults, 
          results{name, expireAt} }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "query {
  tokens(sortBy: Name, orderBy: ASC)
        { totalResults, 
          results{name, expireAt} }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "query {
  tokens(sortBy: Name, orderBy: ASC)
        { totalResults, 
          results{name, expireAt} }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "query {
  tokens(sortBy: Name, orderBy: ASC)
        { totalResults, 
          results{name, expireAt} }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "tokens": {
      "totalResults": 7,
      "results": [
        {
          "name": "Cluster Management",
          "createdAt": 1729603406707,
          "expireAt": null
        },
        {
          "name": "jenkinsAuto",
          "createdAt": 1729830704004,
          "expireAt": null
        },
        {
          "name": "Tester",
          "createdAt": 1730394131348,
          "expireAt": 1731258131010
        }
      ]
    }
  }
}

Given Datatypes

The given datatype Tokens__Type is an enumerated list of choices. They're listed below:

Table: Tokens__Type

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: May 9, 2025
OrganizationManagementPermissionToken   Long-TermThe token is used for organization management access.
OrganizationPermissionToken   Long-TermThe token is an organization permission token.
SystemPermissionToken   Long-TermThe token is for system permission access.
ViewPermissionToken   Long-TermThe token is a view permission token.

The Tokens__SortBy is an enumerated list of choices. They're listed below:

Table: Tokens__SortBy

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: May 9, 2025
ExpirationDate   Long-TermSort tokens by expiration date.
Name   Long-TermSort tokens by name.

Returned Datatypes

The returned datatype TokenQueryResultSet has its own parameters. Below is a list of them along with their datatypes and a description of each:

Table: TokenQueryResultSet

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Oct 3, 2024
results[Token]yes Long-TermThe paginated results set. See Token.
totalResultsintegeryes Long-TermThe total number of matching results.