Personal access tokens#
Create and manage personal access tokens for API authentication.
Create personal access token#
Create a new personal access token. The plaintext token is only returned once.
typescript
const { data } = await bw.personalAccessTokens.create({
name: 'My Campaign',
});Parameters#
| Name | Type | Required | Description |
|---|---|---|---|
| name | string | Required | Display name for this token. |
| expiresAt | string (ISO 8601) | null | — | When this token should expire. |
Response#
Returns { data } with the result.
Store the token securely
The plaintext token is only returned in the creation response. It cannot be retrieved again. Store it securely.
List personal access tokens#
List all personal access tokens for the authenticated user.
typescript
const { items, totalCount, facets } = await bw.personalAccessTokens.list();Response#
Returns { items, totalCount, facets } with paginated results.
Revoke personal access token#
Revoke a personal access token, immediately invalidating it.
typescript
const { data } = await bw.personalAccessTokens.revoke({
id: 'abc-123',
});Parameters#
| Name | Type | Required | Description |
|---|---|---|---|
| id | string (UUID) | Required | Token identifier to revoke. |
Response#
Returns { data } with the result.
Immediate invalidation
Revoking a token immediately invalidates it. Any integrations using this token will stop working. This action cannot be undone.
Rotate personal access token#
Rotate a personal access token by revoking the old one and creating a new one.
typescript
const { data } = await bw.personalAccessTokens.rotate({
id: 'abc-123',
});Parameters#
| Name | Type | Required | Description |
|---|---|---|---|
| id | string (UUID) | Required | Token identifier to rotate (revokes old, creates new). |
Response#
Returns { data } with the result.