2020-10-28 11:08:49 -04:00
---
2020-11-17 10:09:28 -05:00
stage: Manage
group: Compliance
2020-11-26 01:09:20 -05:00
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
2020-10-28 11:08:49 -04:00
---
2020-10-31 02:09:06 -04:00
# Personal access tokens API
2020-08-06 17:10:15 -04:00
You can read more about [personal access tokens ](../user/profile/personal_access_tokens.md#personal-access-tokens ).
## List personal access tokens
2020-10-31 02:09:06 -04:00
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/227264) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3.
2021-01-29 16:09:34 -05:00
> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/270200) to [GitLab Free](https://about.gitlab.com/pricing/) in 13.6.
2020-08-06 17:10:15 -04:00
Get a list of personal access tokens.
```plaintext
GET /personal_access_tokens
```
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
| `user_id` | integer/string | no | The ID of the user to filter by |
2020-12-04 16:09:29 -05:00
NOTE:
2020-08-06 17:10:15 -04:00
Administrators can use the `user_id` parameter to filter by a user. Non-administrators cannot filter by any user except themselves. Attempting to do so will result in a `401 Unauthorized` response.
```shell
curl --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/personal_access_tokens"
```
```json
2020-10-08 08:08:31 -04:00
[
2020-08-06 17:10:15 -04:00
{
"id": 4,
"name": "Test Token",
"revoked": false,
"created_at": "2020-07-23T14:31:47.729Z",
"scopes": [
"api"
],
"active": true,
"user_id": 24,
"expires_at": null
}
]
```
```shell
curl --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/personal_access_tokens?user_id=3"
```
```json
2020-10-08 08:08:31 -04:00
[
2020-08-06 17:10:15 -04:00
{
"id": 4,
"name": "Test Token",
"revoked": false,
"created_at": "2020-07-23T14:31:47.729Z",
"scopes": [
"api"
],
"active": true,
"user_id": 3,
"expires_at": null
}
]
```
2020-08-13 14:10:36 -04:00
## Revoke a personal access token
2021-01-14 13:10:59 -05:00
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/216004) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3.
2021-01-29 16:09:34 -05:00
> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/270200) to [GitLab Free](https://about.gitlab.com/pricing/) in 13.6.
2020-08-13 14:10:36 -04:00
Revoke a personal access token.
```plaintext
DELETE /personal_access_tokens/:id
```
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
| `id` | integer/string | yes | ID of personal access token |
2020-12-04 16:09:29 -05:00
NOTE:
2020-08-13 14:10:36 -04:00
Non-administrators can revoke their own tokens. Administrators can revoke tokens of any user.
```shell
curl --request DELETE --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/personal_access_tokens/< personal_access_token_id > "
```
### Responses
- `204: No Content` if successfully revoked.
- `400 Bad Request` if not revoked successfully.
2020-11-16 07:09:05 -05:00
## Create a personal access token (admin only)
2020-12-24 07:10:03 -05:00
See the [Users API documentation ](users.md#create-a-personal-access-token ) for information on creating a personal access token.
