Heads up! On March 5, starting at 4:30 PM Central Time, our community will be undergoing scheduled maintenance for a few hours. During this time, you will find the site temporarily inaccessible. Thanks for your patience. Read more.

×
Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Jira rest API to get list of user tokens and expiry dates

arnisjuraga April 22, 2022

Is there a way, how we can get Jira user Personal Access Tokens information using /rest/api/2/ ? 

 

Is there an API endpoint to 

- get list of all tokens for specific user

- get expiry date for each token

 

Endpoint `/rest/api/2/user/?username=myuser` resturns basic data about user. 

But I need to get Expiry date of specific user token.

 

.

 

 

1 answer

0 votes
arnisjuraga April 22, 2022

After extensive search, the only reference I finally found is mentioned here: https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html 

Looks like there is undocumented API endpoint. 

If you make GET request to:

{{baseUrlOfYourInstance}}/rest/pat/latest/tokens

you will receive nice list of all current user tokens with expiry dates!

Tony Rice
Contributor
February 10, 2023

That will give you a list of tokens belonging to the user making the call, which is great for individual users.

buuuut....

I'd like to have an API endpoint that returns all tokens instance-wide, the information available to administrators on the System->Administering personal access tokens page.

Is there an API endpoint that offers this info?

nick gleed April 27, 2023

I had the same need - we wanted to flag those PAT's that had admin rights..... I did it via SQL.

SELECT DISTINCT u.lower_first_name || ' ' || u.lower_last_name AS full_name, pt."NAME" AS token_name, pt."LAST_ACCESSED_AT", pt."EXPIRING_AT",
bool_or(CASE
WHEN m.parent_name IN (SELECT group_id FROM globalpermissionentry WHERE permission IN ('ADMINISTER','SYSTEM_ADMIN')) THEN true
ELSE false
END) AS admin_rights
FROM "AO_81F455_PERSONAL_TOKEN" AS pt
INNER JOIN app_user AS k ON k.user_key = pt."USER_KEY"
INNER JOIN cwd_membership AS m ON m.lower_child_name = k.lower_user_name
INNER JOIN cwd_user AS u ON u.lower_user_name = k.lower_user_name
WHERE u.active = 1
AND ((pt."LAST_ACCESSED_AT" >= CURRENT_DATE) OR (pt."LAST_ACCESSED_AT" IS NULL))
GROUP BY u.lower_first_name, u.lower_last_name, pt."NAME", pt."LAST_ACCESSED_AT", pt."EXPIRING_AT";

Like Ahmed ElSayed likes this

Suggest an answer

Log in or Sign up to answer