tag:help.appveyor.com,2012-11-13:/discussions/questions/52489-list-of-users-with-api-tokens-creation-date-last-access-dateAppVeyor: Discussion 2021-09-01T21:03:06Ztag:help.appveyor.com,2012-11-13:Comment/489673352021-01-15T05:10:43Z2021-01-15T05:10:54ZList of users with API tokens, creation date, last access date<div><p>Hi David,</p>
<p>There is currently no API to list users' API token details, however, I think we could add that. We can add the last generated dates for both account-specific and global tokens to the list of account users and a new endpoint to invalidate token for specified user. Is there anything else you need?</p></div>Feodor Fitsnertag:help.appveyor.com,2012-11-13:Comment/489673352021-01-22T16:05:52Z2021-01-22T16:05:53ZList of users with API tokens, creation date, last access date<div><p>that would be great!<br>
this will help our auditing process review</p></div>david guimbellottag:help.appveyor.com,2012-11-13:Comment/489673352021-06-30T13:39:17Z2021-06-30T13:39:18ZList of users with API tokens, creation date, last access date<div><p>any update?</p></div>david guimbellottag:help.appveyor.com,2012-11-13:Comment/489673352021-06-30T20:13:41Z2021-06-30T20:13:41ZList of users with API tokens, creation date, last access date<div><p>Sure, will deploy it by the end of this week. Thanks for checking on.</p></div>Feodor Fitsnertag:help.appveyor.com,2012-11-13:Comment/489673352021-07-02T19:27:07Z2021-07-02T19:27:07ZList of users with API tokens, creation date, last access date<div><p>Hi David,</p>
<p>An update with new API for token expirations has been deployed.</p>
<p>So, the items returned by <code>https://ci.appveyor.com/api/account/{account}/users</code> endpoint now include two additional (nullable) fields: <code>accountApiTokenGenerated</code> and <code>userApiTokenGenerated</code> which contain timestamps for account-specific (v1) and "global" user-specific (v2) API tokens respectively.</p>
<p>Endpoints for invalidating expired tokens of users belonging to your account:</p>
<pre>
<code>DELETE /api/account/{account}/users/{id}/account-api-token
DELETE /api/users/{id}/account-api-token
DELETE /api/account/{account}/users/{id}/user-api-token
DELETE /api/users/{id}/user-api-token</code>
</pre>
<p>Endpoints for invalidating expired tokens of collaborators joined to your account:</p>
<pre>
<code>DELETE /api/account/{account}/collaborators/{id}/account-api-token
DELETE /api/collaborators/{id}/account-api-token</code>
</pre>
<p>Let me know if you have any questions.</p></div>Feodor Fitsner