Token Management
Manage your access tokens: list all tokens, view accessible accounts, revoke tokens, and log out.
GET
/api/auth/token/listBearer / JWTList Access Tokens
Returns all access tokens for the authenticated user.
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| operatorId | UUID | No | Filter by operator |
Response 200 OK
{ "keys": [ { "id": 42, "title": "My CLI Key", "avatar": "claude", "keyPrefix": "pe_k1_abc1...", "operatorId": "550e8400-e29b-41d4-a716-446655440000", "operatorName": "Acme Corp", "createdAt": "2026-01-15T10:00:00Z", "expiresAt": "2026-04-15T10:00:00Z", "lastUsedAt": "2026-02-07T09:30:00Z", "masterAccessLevel": "full_access", "visibleFields": ["title", "times", "attendees"], "allowedOperations": ["respond_to_event", "create_events"], "timeframePastDays": 30, "timeframeFutureDays": 60, "timeframeDescription": "Last 30 days to next 60 days", "accessRules": [], "linkedResources": [ { "resourceId": "aaa-bbb-ccc", "title": "Primary Calendar" } ], "hasLinkedResources": true } ] } GET
/api/auth/token/accountsBearer TokenList Accessible Accounts
Returns all operators/workspaces the authenticated user has access to.
Response 200 OK
{ "operators": [ { "operatorId": "550e8400-e29b-41d4-a716-446655440000", "operatorName": "Acme Corp", "nickname": "acme", "accountId": "770e8400-e29b-41d4-a716-446655440000", "timeZone": "America/Chicago" } ], "defaultOperatorId": "550e8400-e29b-41d4-a716-446655440000" } DELETE
/api/auth/token/revoke/{tokenId}Bearer / JWTRevoke Access Token
Permanently revokes a specific access token by ID.
Path Parameters
| Parameter | Type | Description |
|---|---|---|
| tokenId | int | Access token ID to revoke |
Response 200 OK
{ "success": true, "message": "Access token revoked successfully" } POST
/api/auth/token/logoutBearer TokenLogout
Invalidates the current access token (self-revocation).
Response 200 OK
{ "success": true, "message": "Logged out successfully" }