Heads up! On March 5, starting at 4:30 PM Central Time, our community will be undergoing scheduled maintenance for a few hours. During this time, you will find the site temporarily inaccessible. Thanks for your patience. Read more.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira rest API to get list of user tokens and expiry dates

arnisjuraga
arnisjuraga April 22, 2022

Is there a way, how we can get Jira user Personal Access Tokens information using /rest/api/2/ ? 

 

Is there an API endpoint to 

- get list of all tokens for specific user

- get expiry date for each token

 

Endpoint `/rest/api/2/user/?username=myuser` resturns basic data about user. 

But I need to get Expiry date of specific user token.

 

.

 

 

Answer
Watch
Like Be the first to like this
3508 views

1 answer

0 votes
arnisjuraga
arnisjuraga April 22, 2022

After extensive search, the only reference I finally found is mentioned here: https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html 

Looks like there is undocumented API endpoint. 

If you make GET request to:

{{baseUrlOfYourInstance}}/rest/pat/latest/tokens

you will receive nice list of all current user tokens with expiry dates!

View More Comments
Tony Rice
Tony Rice
Contributor
February 10, 2023

That will give you a list of tokens belonging to the user making the call, which is great for individual users.

buuuut....

I'd like to have an API endpoint that returns all tokens instance-wide, the information available to administrators on the System->Administering personal access tokens page.

Is there an API endpoint that offers this info?

Like
nick gleed
nick gleed April 27, 2023

I had the same need - we wanted to flag those PAT's that had admin rights..... I did it via SQL.

SELECT DISTINCT u.lower_first_name || ' ' || u.lower_last_name AS full_name, pt."NAME" AS token_name, pt."LAST_ACCESSED_AT", pt."EXPIRING_AT",
bool_or(CASE
WHEN m.parent_name IN (SELECT group_id FROM globalpermissionentry WHERE permission IN ('ADMINISTER','SYSTEM_ADMIN')) THEN true
ELSE false
END) AS admin_rights
FROM "AO_81F455_PERSONAL_TOKEN" AS pt
INNER JOIN app_user AS k ON k.user_key = pt."USER_KEY"
INNER JOIN cwd_membership AS m ON m.lower_child_name = k.lower_user_name
INNER JOIN cwd_user AS u ON u.lower_user_name = k.lower_user_name
WHERE u.active = 1
AND ((pt."LAST_ACCESSED_AT" >= CURRENT_DATE) OR (pt."LAST_ACCESSED_AT" IS NULL))
GROUP BY u.lower_first_name, u.lower_last_name, pt."NAME", pt."LAST_ACCESSED_AT", pt."EXPIRING_AT";

Like Ahmed ElSayed likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events