--- title: List access tokens for a service account description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Service Accounts --- # List access tokens for a service account{% #list-access-tokens-for-a-service-account %} Copy pageCopied {% tab title="v2" %} | Datadog site | API endpoint | | ----------------- | -------------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokens | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokens | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/service_accounts/{service_account_id}/access_tokens | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/service_accounts/{service_account_id}/access_tokens | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/service_accounts/{service_account_id}/access_tokens | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokens | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokens | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/service_accounts/{service_account_id}/access_tokens | ### Overview List all access tokens for a specific service account. This endpoint requires the `service_account_write` permission. ### Arguments #### Path Parameters | Name | Type | Description | | ------------------------------------ | ------ | ------------------------------ | | service_account_id [*required*] | string | The ID of the service account. | #### Query Strings | Name | Type | Description | | ------------ | ------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | page[size] | integer | Size for a given page. The maximum allowed value is 100. | | page[number] | integer | Specific page number to return. | | sort | enum | Access token attribute used to sort results. Sort order is ascending by default. In order to specify a descending sort, prefix the attribute with a minus sign. Allowed enum values: `name, -name, created_at, -created_at, expires_at, -expires_at, last_used_at, -last_used_at` | | filter | string | Filter access tokens by the specified string. | ### Response {% tab title="200" %} OK {% tab title="Model" %} Response for a list of access tokens. | Parent field | Field | Type | Description | | ------------- | ---------------------- | --------- | --------------------------------------------------------------------------------- | | | data | [object] | Array of access tokens. | | data | attributes | object | Attributes of an access token. | | attributes | created_at | date-time | Creation date of the access token. | | attributes | expires_at | date-time | Expiration date of the access token. | | attributes | last_used_at | date-time | Date the access token was last used. | | attributes | modified_at | date-time | Date of last modification of the access token. | | attributes | name | string | Name of the access token. | | attributes | public_portion | string | The public portion of the access token. | | attributes | scopes | [string] | Array of scopes granted to the access token. | | data | id | string | ID of the access token. | | data | relationships | object | Resources related to the access token. | | relationships | owned_by | object | Relationship to service account. | | owned_by | data [*required*] | object | Relationship to service account object. | | data | id [*required*] | string | A unique identifier that represents the service account. | | data | type [*required*] | enum | Service account resource type. Allowed enum values: `service_account` | | data | type | enum | Service access tokens resource type. Allowed enum values: `service_access_tokens` | | | meta | object | Additional information related to the access token response. | | meta | page | object | Pagination information. | | page | total_filtered_count | int64 | Total filtered access token count. | {% /tab %} {% tab title="Example" %} ```json { "data": [ { "attributes": { "created_at": "2024-01-01T00:00:00+00:00", "expires_at": "2025-12-31T23:59:59+00:00", "last_used_at": "2025-06-15T12:30:00+00:00", "modified_at": "2024-06-01T00:00:00+00:00", "name": "My Access Token", "public_portion": "ddsat_abc123", "scopes": [ "dashboards_read", "dashboards_write" ] }, "id": "string", "relationships": { "owned_by": { "data": { "id": "00000000-0000-0000-2345-000000000000", "type": "service_account" } } }, "type": "service_access_tokens" } ], "meta": { "page": { "total_filtered_count": "integer" } } } ``` {% /tab %} {% /tab %} {% tab title="400" %} Bad Request {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="403" %} Forbidden {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="404" %} Not Found {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \# Path parameters export service_account_id="00000000-0000-1234-0000-000000000000" \# Curl command curl -X GET "https://api.datadoghq.com/api/v2/service_accounts/${service_account_id}/access_tokens" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" ##### ```python """ List access tokens for a service account returns "OK" response """ from os import environ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.service_accounts_api import ServiceAccountsApi # there is a valid "service_account_user" in the system SERVICE_ACCOUNT_USER_DATA_ID = environ["SERVICE_ACCOUNT_USER_DATA_ID"] configuration = Configuration() with ApiClient(configuration) as api_client: api_instance = ServiceAccountsApi(api_client) response = api_instance.list_service_account_access_tokens( service_account_id=SERVICE_ACCOUNT_USER_DATA_ID, ) print(response) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" python3 "example.py" ##### ```ruby # List access tokens for a service account returns "OK" response require "datadog_api_client" api_instance = DatadogAPIClient::V2::ServiceAccountsAPI.new # there is a valid "service_account_user" in the system SERVICE_ACCOUNT_USER_DATA_ID = ENV["SERVICE_ACCOUNT_USER_DATA_ID"] p api_instance.list_service_account_access_tokens(SERVICE_ACCOUNT_USER_DATA_ID) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" rb "example.rb" ##### ```go // List access tokens for a service account returns "OK" response package main import ( "context" "encoding/json" "fmt" "os" "github.com/DataDog/datadog-api-client-go/v2/api/datadog" "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" ) func main() { // there is a valid "service_account_user" in the system ServiceAccountUserDataID := os.Getenv("SERVICE_ACCOUNT_USER_DATA_ID") ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewServiceAccountsApi(apiClient) resp, r, err := api.ListServiceAccountAccessTokens(ctx, ServiceAccountUserDataID, *datadogV2.NewListServiceAccountAccessTokensOptionalParameters()) if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `ServiceAccountsApi.ListServiceAccountAccessTokens`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") fmt.Fprintf(os.Stdout, "Response from `ServiceAccountsApi.ListServiceAccountAccessTokens`:\n%s\n", responseContent) } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" go run "main.go" ##### ```java // List access tokens for a service account returns "OK" response import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ServiceAccountsApi; import com.datadog.api.client.v2.model.ListPersonalAccessTokensResponse; public class Example { public static void main(String[] args) { ApiClient defaultClient = ApiClient.getDefaultApiClient(); ServiceAccountsApi apiInstance = new ServiceAccountsApi(defaultClient); // there is a valid "service_account_user" in the system String SERVICE_ACCOUNT_USER_DATA_ID = System.getenv("SERVICE_ACCOUNT_USER_DATA_ID"); try { ListPersonalAccessTokensResponse result = apiInstance.listServiceAccountAccessTokens(SERVICE_ACCOUNT_USER_DATA_ID); System.out.println(result); } catch (ApiException e) { System.err.println( "Exception when calling ServiceAccountsApi#listServiceAccountAccessTokens"); System.err.println("Status code: " + e.getCode()); System.err.println("Reason: " + e.getResponseBody()); System.err.println("Response headers: " + e.getResponseHeaders()); e.printStackTrace(); } } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" java "Example.java" ##### ```rust // List access tokens for a service account returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_service_accounts::ListServiceAccountAccessTokensOptionalParams; use datadog_api_client::datadogV2::api_service_accounts::ServiceAccountsAPI; #[tokio::main] async fn main() { // there is a valid "service_account_user" in the system let service_account_user_data_id = std::env::var("SERVICE_ACCOUNT_USER_DATA_ID").unwrap(); let configuration = datadog::Configuration::new(); let api = ServiceAccountsAPI::with_config(configuration); let resp = api .list_service_account_access_tokens( service_account_user_data_id.clone(), ListServiceAccountAccessTokensOptionalParams::default(), ) .await; if let Ok(value) = resp { println!("{:#?}", value); } else { println!("{:#?}", resp.unwrap_err()); } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" cargo run ##### ```typescript /** * List access tokens for a service account returns "OK" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); const apiInstance = new v2.ServiceAccountsApi(configuration); // there is a valid "service_account_user" in the system const SERVICE_ACCOUNT_USER_DATA_ID = process.env .SERVICE_ACCOUNT_USER_DATA_ID as string; const params: v2.ServiceAccountsApiListServiceAccountAccessTokensRequest = { serviceAccountId: SERVICE_ACCOUNT_USER_DATA_ID, }; apiInstance .listServiceAccountAccessTokens(params) .then((data: v2.ListPersonalAccessTokensResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); }) .catch((error: any) => console.error(error)); ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" tsc "example.ts" {% /tab %}