Problem: API for /api/user/tokens changed #3273
-
IssueBefore, on 2.14, I was using /api/user/tokens to fetch a non-expired token and reuse it. So I upgraded to 2.15 and now it is failing. The token is coming back trimmed. ❯ curl -X GET 'https://semaphore/api/user/tokens' -H "Authorization: Bearer ****" | jq .
[
{
"id": "vlv3dyfk",
"created": "2025-08-12T13:23:26Z",
"expired": false,
"user_id": 8
},
{
"id": "u1p7nzog",
"created": "2025-08-12T13:19:09Z",
"expired": false,
"user_id": 8
}
]If I request a new token, it is created properly: ❯ curl -X 'POST' \
'https://semaphore/api/user/tokens' \
-H 'accept: application/json' \
-d '' \
-b 'semaphore=****; Path=/; HttpOnly' -s
{"id":"d1qvj3v3wynblapxz6fpvoryhli9bztwfn8_ha1rd4w=","created":"2025-08-12T13:37:26Z","expired":false,"user_id":8}But on requesting it for usage: ❯ curl -X GET 'https://semaphore.xensam.eu/api/user/tokens/' -H "Authorization: Bearer d1qvj3v3wynblapxz6fpvoryhli9bztwfn8_ha1rd4w=" -s | jq .
[
{
"id": "d1qvj3v3",
"created": "2025-08-12T13:37:26Z",
"expired": false,
"user_id": 8
},
{
"id": "vlv3dyfk",
"created": "2025-08-12T13:23:26Z",
"expired": false,
"user_id": 8
}
]result is trimmed. ImpactWeb-Backend (APIs) Installation methodBinary DatabaseBoltDB BrowserNo response Semaphore Version2.15.0-1e13324-1749881537 Ansible VersionLogs & errorsNo response Manual installation - system informationNo response ConfigurationNo response Additional informationNo response |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
Yes, API changed for security reasons. |
Beta Was this translation helpful? Give feedback.
-
|
But then it is missing to update documentation. At the time I wrote this, it wasn't mentioning the change. |
Beta Was this translation helpful? Give feedback.
Yes, API changed for security reasons.