Api tokens
List Customer Tokens
Returns API tokens visible to the current user. Restricted users see only their customer-scoped tokens; admins see all tokens. Tokens are masked — only the first 8 characters are shown.
GET /api/customer/tokens
Example (cURL)
curl -X GET "$BASE_URL/api/customer/tokens" \
-H "Cookie: $SESSION_COOKIE" \
-H "Accept: application/json"Response
[
{
"id": 2,
"organizationId": 1,
"name": "Customer Scoped Token",
"customerId": 5,
"customerName": "Acme Corp",
"lastUsedAt": null,
"expiresAt": null,
"createdAt": "2026-02-01T08:00:00.000Z",
"tokenHint": "wsm_f7e6d5..."
}
]Common errors
401 Unauthorizedwhen not authenticated403 Forbiddenwhen user lacks read access