# List non-expired access tokens Use this API to get a list of all non-expired access tokens for a specified user. You must specify either the username or the tokenCreator parameter as search criteria. If you pass values for both parameters in the same request, the API returns a list of all non-expired tokens that match both parameters. If you do not have the Create Impersonated Token and relevant Manage Users permissions, the API returns obfuscated values. Tip: If you want a more fine-grained search, use /tokens/search. Endpoint: GET /uar/v1/tokens Version: 2024.09 ## Query parameters: - `username` (string) The email address of the user for whom tokens should be listed (case sensitive). This is the user for whom the token was created. - `tokenCreator` (string) The email address of the token creator for whom tokens should be listed (case sensitive). This is the user who created tokens on another user's behalf. - `page` (integer) Retrieves a specific page. Must be a number (starting from 0). - `pageSize` (integer) Specifies how many tokens per page should be returned. Must be a number. Tip: Use the /tokens/count API to determine the total number of records for a specified user. ## Response 200 fields (application/json): - `responseObject` (array) The return value of this API request - `responseObject.expiryStr` (string, required) Lifetime of the token as specified when the token was created. Format: y M d h m, where y=years, M=months, d=days, h=hours, m=minutes (case sensitive), and representing any number. - `responseObject.tokenDescription` (string) Mandatory for IMPERSONATED tokens; optional for NORMAL tokens. For IMPERSONATED tokens, this field should capture the impersonation reason. - `responseObject.tokenExpiryMillis` (integer) The date and time when the token expires in milliseconds since 1970-01-01 00:00 (Epoch time). - `responseObject.tokenIssueMillis` (integer) The date and time when the token was issued in milliseconds since 1970-01-01 00:00 (Epoch time). - `responseObject.tokenName` (string, required) The name of the token that was verified. - `responseObject.tokenCreator` (string) The email address of the user who created the token. For NORMAL tokens, the email address for tokenCreator is the same as that for username. For IMPERSONATED tokens, the email addresses usually differ. - `responseObject.tokenType` (string, required) The type of token that was verified. Enum: "NORMAL", "IMPERSONATED" - `responseObject.username` (string, required) The user for whom the token was created. Usually this is specified as an email address. For NORMAL tokens, the email address for tokenCreator is the same as that for username. - `statusMessage` (string) The status message related to this API request.