Skip to main content
GET
List active tokens
Returns all active (non-revoked) API tokens for the authenticated partner. Token secrets are never included in the response. Requires token management to be enabled for the partner (see Get Partner Capabilities).

Authorizations

lmts-api-key
string
header
required

Scoped API token with HMAC-SHA256 signing. Requires three headers: lmts-api-key (token ID), lmts-timestamp (ISO-8601), lmts-signature (Base64-encoded HMAC). See Authentication docs for details.

Response

List of active tokens

tokenId
string
required

Unique token identifier

label
string | null
required

Human-readable label

scopes
string[]
required

Granted scopes

createdAt
string<date-time>
required

Token creation timestamp

lastUsedAt
string<date-time> | null
required

Last time the token was used for authentication