--- title: View tokens description: View API tokens in InfluxDB using the InfluxDB UI, the influx CLI, or the InfluxDB API. url: https://docs.influxdata.com/influxdb3/cloud-serverless/admin/tokens/view-tokens/ estimated_tokens: 2729 product: InfluxDB Cloud Serverless version: cloud-serverless --- # View tokens View API tokens and permissions using the InfluxDB user interface (UI), the `influx` command line interface (CLI), or the InfluxDB API. To follow best practices for secure API token generation and retrieval, InfluxDB Cloud Serverless enforces access restrictions on API tokens. - InfluxDB UI only allows access to the API token value immediately after the token is created. - You can’t change access (**read/write**) permissions for an API token after it’s created. - Tokens stop working when the user who created the token is deleted. We recommend the following for managing your tokens: - Create a generic user to create and manage tokens for writing data. - Store your tokens in a secure password vault for future access. **InfluxDB UI:** ## View tokens in the InfluxDB UI 1. In the navigation menu on the left, select **Load Data** > **API Tokens**. Load Data 2. Click a token description in the list to view the token status and a list of access permissions. **influx CLI:** ## View tokens using the influx CLI Use the [`influx auth list` command](/influxdb3/cloud-serverless/reference/cli/influx/auth/list) to view tokens. Provide the following flags: - `--token`: API token with permission to read authorizations ```sh influx auth list --token API_TOKEN ``` Filtering options such as filtering by authorization ID, username, or user ID are available. See the [`influx auth list` documentation](/influxdb3/cloud-serverless/reference/cli/influx/auth/list) for information about other available flags. **InfluxDB API:** ## View tokens using the InfluxDB API Use the `/api/v2/authorizations` InfluxDB API endpoint to view tokens and permissions. [GET https://cloud2.influxdata.com/api/v2/authorizations](/influxdb3/cloud-serverless/api/authorizations-api-tokens/#operation/GetAuthorizations) - [View a single token](#view-a-single-token) - [Filter the token list](#filter-the-token-list) Include the following in your request: - **Headers**: - **Authorization**: `Token API_TOKEN` (API token with the [`read: authorizations`](/influxdb3/cloud-serverless/api/authorizations-api-tokens/#operation/PostAuthorizations) permission) - **Content-type**: `application/json` ```sh curl --request GET \ "https://cloud2.influxdata.com/api/v2/authorizations" \ --header "Authorization: Token API_TOKEN" \ --header 'Content-type: application/json' ``` ### View a single token To view a specific authorization and token, include the authorization ID in the URL path. [GET https://cloud2.influxdata.com/api/v2/authorizations/{authID}](/influxdb3/cloud-serverless/api/authorizations-api-tokens/#operation/GetAuthorizationsID) Include the following in your request: - **Headers**: - **Authorization**: `Token API_TOKEN` (API token with the [`read: authorizations`](/influxdb3/cloud-serverless/api/authorizations-api-tokens/#operation/PostAuthorizations) permission) - **Content-type**: `application/json` ```sh curl --request GET \ "https://us-west-2-1.aws.cloud2.influxdata.com/api/v2/authorizations/AUTHORIZATION_ID" \ --header "Authorization: Token API_TOKEN" \ --header 'Content-type: application/json' ``` ### Filter the token list InfluxDB returns authorizations from the same organization as the token used in the request. To filter tokens by user, include `userID` as a query parameter in your request. ```sh # The example below uses the common `curl` and `jq` command-line tools # with the InfluxDB API to do the following: # 1. Find a user by username and extract the user ID. # 2. Find the user's authorizations by user ID. # 3. Filter for `active` authorizations that have `write` permission. function list_write_auths() { curl "https://cloud2.influxdata.com/api/v2/users/?name=$1" \ --header "Authorization: Token API_TOKEN" \ --header 'Content-type: application/json' | \ jq --arg USER $1 '.users[] | select(.name == $USER) | .id' | \ xargs -I '%' \ curl "https://cloud2.influxdata.com/api/v2/authorizations/?userID=%" \ --header "Authorization: Token API_TOKEN" \ --header 'Content-type: application/json' | \ jq '.authorizations[] | select(.permissions[] | select(.action=="write")) | select(.status=="active")' } list_write_auths 'iot_user_1' ``` See the [`/authorizations` endpoint documentation](/influxdb3/cloud-serverless/api/authorizations-api-tokens/)) for more information about available parameters.