'How do I revoke user-generated API tokens in Foundry?

Is there a way to programmatically revoke all user-generated tokens for a service user?

I saw some endpoints in the Multipass internal API, but from my understanding those are locked down for FE use. This is for killing off restricted tokens in the break-the glass-case, or when we kill off a connection to a remote system.

palantir-foundrypalantir-foundry-security


Solution 1:[1]

If this is just for one-off break-the-glass scenario, feel free to use internal APIs. You probably want the getTokens and revokeToken endpoints.

Reminder: Restricted tokens are not user-generated tokens. And restricted tokens should have very short lifetimes (ideally 1 hour or less) so revoking them shouldn’t really be a concern.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 ataheri

Related Questions

How can I embed clickable URL hyperlinks in data columns in Contour?

Is it possible to change the title property of an object via a derived value from an edit form in Foundry?

Creating a Leaflet map in code workbook in Foundry

In Foundry Workshop, is it possible to reset a scenario when a user navigates away from a Workshop tab?

How can I save a Foundry Scenario and use it in another Workshop module?

In Foundry Workshop, how do I save and writeback all values set within a Scenario?

How can i prefield values in a multiselect box in FoundrySlate

Connect QuickBooks with Foundry

Palantir Workshop - Filter settings [closed]

Tests in Foundry all pass when run one-by-one but many fail when run as part of a suite

What is the difference beween writting logic in Python or plain SQL in Foundry's SQL Transforms?

Is that possible to create a custom input widget in Foundry Slate?

How to filter on aggregated data in Foundry Functions?

Parsing a user's SAML attributes via Foundry's Multipass or Control Panel

If a user signs in through a different provider with the same UID, will the realm of that user be changed?