Customer scoped access token

Two questions:

  1. Is there a way to list all customer scoped access tokens that have been generated? What is the curl syntax to do that?
  2. Can you delete an individual customer scoped access token?

@Colleen mind diving in here?

1 Like

The answer to both appears to be that it’s not possible.

Deleting the customer will invalidate the tokens, of course, but there does not appear to be a way to invalidate the tokens without having to recreate the shadow customer.

Understood. Thank you.

It’s not possible to list all customer scoped access tokens that have been generated using the Particle.io API. Access tokens are associated with a specific user, and only that user can view or revoke their own access tokens.

Additionally, as an owner of a Particle product, you can list all access tokens that have been generated for that product with this command: curl https://api.particle.io/v1/products/{product_id}/access_tokens \ -u access_token:

@Colleen
I did some testing and it appears that in order for the user/customer to list their access tokens the API call requires a username/password to authentication but since the customer is a shadow customer it does not have password so there is now way to authentication the api call. Any thoughts?