Logo of linkbreakers
← Back to API Reference overview

Workspace Tokens

Endpoints for managing workspace tokens in Linkbreakers. These endpoints allow you to create, list, and delete workspace tokens for authentication.

Shortcut: ⌘K

#The Workspace Token object

Describes a long-lived credential Linkbreakers issues so back-end integrations can call workspace APIs without a human session, while keeping auditing metadata for security reviews.

createdAt

string (date-time)

The timestamp when the token was created

createdBy

string

The member who created the token (UUID of creator)

id

string

The unique identifier of the workspace token (UUID)

keyType

string (enum)

WorkspaceTokenKeyType defines the access level of a workspace token

Allowed values
WORKSPACE_TOKEN_KEY_TYPE_UNSPECIFIED

Default value (should not be used)

WORKSPACE_TOKEN_KEY_TYPE_SECRET

Secret key with full API access

WORKSPACE_TOKEN_KEY_TYPE_PUBLISHABLE

Publishable key with limited access

lastUsedAt

string (date-time)

The timestamp when the token was last used

name

string

The name of the token

updatedAt

string (date-time)

The timestamp when the token was last updated

workspaceId

string

The workspace ID the token belongs to (UUID)

GET/v1/workspace-tokensRequires auth

#List workspace tokens

Enumerate all active workspace tokens for auditing and management.

#Parameters

This endpoint does not accept any parameters.

#Response

200

Everything worked as expected.

tokens

array<object>

Tokens scoped to the calling workspace

#Error response

400-599

All endpoints may return an unexpected error payload when a request cannot be processed.

error

objectRequired

Wrapped error response.

GET/v1/workspace-tokens/{id}Requires auth

#Get a workspace token

Retrieve metadata for a specific workspace token without revealing its secret.

#Parameters

path parameters

id

stringRequiredpath

Identifier of the desired token (UUID)

#Response

200

Everything worked as expected.

token

object

Describes a long-lived credential Linkbreakers issues so back-end integrations can call workspace APIs without a human session, while keeping auditing metadata for security reviews.

#Error response

400-599

All endpoints may return an unexpected error payload when a request cannot be processed.

error

objectRequired

Wrapped error response.

POST/v1/workspace-tokensRequires auth

#Create a workspace token

Generate a new long-lived API token and return the one-time access secret.

#Parameters

This endpoint does not accept any parameters.

#Request body

keyType

string (enum)Required

WorkspaceTokenKeyType defines the access level of a workspace token

Allowed values
WORKSPACE_TOKEN_KEY_TYPE_UNSPECIFIED

Default value (should not be used)

WORKSPACE_TOKEN_KEY_TYPE_SECRET

Secret key with full API access

WORKSPACE_TOKEN_KEY_TYPE_PUBLISHABLE

Publishable key with limited access

name

string

The name of the token

#Response

200

Everything worked as expected.

accessToken

string

The actual JWT token to be used for authentication. It is returned only once and cannot be retrieved again.

token

object

Describes a long-lived credential Linkbreakers issues so back-end integrations can call workspace APIs without a human session, while keeping auditing metadata for security reviews.

#Error response

400-599

All endpoints may return an unexpected error payload when a request cannot be processed.

error

objectRequired

Wrapped error response.

DELETE/v1/workspace-tokens/{id}Requires auth

#Delete a workspace token

Revoke a workspace token immediately so it can no longer authenticate.

#Parameters

path parameters

id

stringRequiredpath

Identifier of the token to revoke (UUID)

#Response

200

Everything worked as expected.

No structured schema available for this section.

#Error response

400-599

All endpoints may return an unexpected error payload when a request cannot be processed.

error

objectRequired

Wrapped error response.