Tokens API¶
| Method | Endpoint | Description |
|---|---|---|
POST |
/api/tokens |
Store encrypted token |
GET |
/api/tokens |
List tokens (values hidden) |
GET |
/api/tokens/{id} |
Get token metadata |
PUT |
/api/tokens/{id} |
Update token value or description |
DELETE |
/api/tokens/{id} |
Delete token |
Store Token¶
The value is encrypted at rest using the TOKEN_ENCRYPTION_KEY.
Response: 201 Created
Warning
Token values are write-only. The GET endpoints return metadata but never the decrypted value.
List Tokens¶
Returns token metadata (id, name, description, masked_value, created_by, timestamps). Values are always masked and never decrypted in API responses.
Response: 200 OK
Get Token¶
Returns one token metadata object with masked_value.
Update Token¶
All fields are optional. If value is provided, it is encrypted before storage.
Delete Token¶
Response: 204 No Content