List access tokens.

GET

access-tokens

curl --request GET \
  --url https://aws.s2.dev/v1/access-tokens \
  --header 'Authorization: Bearer <token>'

{
  "access_tokens": [
    {
      "auto_prefix_streams": false,
      "expires_at": "<string>",
      "id": "<string>",
      "scope": {
        "access_tokens": null,
        "basins": null,
        "op_groups": null,
        "ops": "[]",
        "streams": null
      }
    }
  ],
  "has_more": true
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

prefix

string

default:

List access tokens that begin with this prefix.

start_after

string

default:

Only return access tokens that lexicographically start after this ID.

limit

integer

default:1000

Number of results, up to a maximum of 1000.

Required range: 0 <= x <= 1000

Response

200

application/json

access_tokens

object[]

required

Access tokens information.

access_tokens.id

string

required

Access token ID. It must be unique to the account and between 1 and 96 characters.

access_tokens.scope

object

required

Access token scope.

access_tokens.scope.access_tokens

object | null

Token IDs allowed.

access_tokens.scope.basins

object | null

Basin names allowed.

access_tokens.scope.op_groups

object | null

Access permissions at operation group level.

access_tokens.scope.ops

enum<string>[] | null

Operations allowed for the token. A union of allowed operations and groups is used as an effective set of allowed operations.

Available options:

list-basins,

create-basin,

delete-basin,

reconfigure-basin,

get-basin-config,

issue-access-token,

revoke-access-token,

list-access-tokens,

list-streams,

create-stream,

delete-stream,

get-stream-config,

reconfigure-stream,

check-tail,

append,

read,

trim,

fence

access_tokens.scope.streams

object | null

Stream names allowed.

access_tokens.auto_prefix_streams

boolean

default:false

Namespace streams based on the configured stream-level scope, which must be a prefix. Stream name arguments will be automatically prefixed, and the prefix will be stripped when listing streams.

access_tokens.expires_at

string | null

Expiration time in seconds since Unix epoch. If not set, the expiration will be set to that of the requestor's token.

has_more

boolean

required

If set, indicates there are more results that can be listed with start_after.

Issue a new access token.

curl --request GET \
  --url https://aws.s2.dev/v1/access-tokens \
  --header 'Authorization: Bearer <token>'

{
  "access_tokens": [
    {
      "auto_prefix_streams": false,
      "expires_at": "<string>",
      "id": "<string>",
      "scope": {
        "access_tokens": null,
        "basins": null,
        "op_groups": null,
        "ops": "[]",
        "streams": null
      }
    }
  ],
  "has_more": true
}

access-tokens

basins

streams

records

Authorizations

Query Parameters

Response