List tokens
Lists all API tokens associated with the requesting user or, for admins,
the user specified by the optional user_id filter. The response omits
token values for security but includes metadata needed to audit usage,
expiration, ownership, and status. Use this endpoint to monitor which
credentials are active, determine whether they are API or service tokens,
and decide when to revoke, rotate, or expire them.
To filter by user (admin only), use filter=eq(user_id,<uuid>).
Authorizations
Biscuit-based bearer token. Obtain tokens from the Adaptyv Portal or via the /tokens endpoint. Tokens encode organization membership and role-based capabilities; the API verifies the token's cryptographic signature and authorization claims before processing requests. Use /tokens/attenuate to create restricted tokens for delegation.
Query Parameters
Maximum number of items to return (1-100, default 50).
Number of items to skip (default 0).
Filter expression in s-expression syntax.
Comparison: eq(field,value), neq(field,value), gt(field,value),
lt(field,value), gte(field,value), lte(field,value),
contains(field,substring)
Range/set: between(field,lo,hi), in(field,v1,v2,...)
Logical: and(expr1,expr2,...), or(expr1,expr2,...), not(expr)
Null checks: is_null(field), is_not_null(field)
JSONB access: at(field,key) — e.g. eq(at(metadata,score),42)
Cast functions: float(expr), int(expr), text(expr),
timestamp(expr), date(expr)
Example: and(gte(created_at,2026-01-01),eq(status,draft))
Sort expression. Supports multi-column sort (comma-separated, up to 8), JSONB path access, and type casts.
Examples: desc(created_at), desc(created_at),asc(name),
asc(at(metadata,score)), asc(date(at(metadata,start_date)))
Response
Token list
Paginated list response with offset-based navigation metadata.
All list endpoints return this shape. Use offset and limit query
parameters to page through results; total reports how many items
match the query across all pages.