createAccessToken
Create a scoped, time-limited access token.
Access tokens provide finer-grained, short-lived credentials compared to the service account's permanent secret. Use them for CI/CD jobs, temporary automation, or any scenario where you want to limit the blast radius of a leaked credential.
The token field in the response contains the full bearer token value — it is only
shown once. Store it securely before navigating away. If you lose it, revoke the
token and create a new one.
Defaults to a 60-minute expiration if expiresInMinutes is not specified.
Currently, only service accounts can create access tokens.
Example:
mutation {
createAccessToken(
organizationId: "my-org"
input: { name: "deploy-token", scopes: ["deploy"], expiresInMinutes: 30 }
) {
result {
id
token
prefix
expiresAt
}
successful
messages { field message }
}
}
createAccessToken(
organizationId: ID!
input: CreateAccessTokenInput!
): AccessTokenWithValuePayload
Form Schema
This mutation supports dynamic form generation using JSON Schema.
Loading schema...
Arguments
createAccessToken.organizationId ● ID! non-null scalar {#organization-id}
Your organization's unique identifier.
createAccessToken.input ● CreateAccessTokenInput! non-null input {#input}
Create a scoped, time-limited access token for API authentication.