# Tokens ## Create Organization Token - [POST /v1/tokens](https://docs.synqly.com/api-reference/management/tokens/tokens_create_token.md): Create an adhoc organization token restricted to specified resources and permission set. Tokens can only be reduced in scope, never expanded. Permissions are inherited from the token used to call this API. Permissions assigned to the new token will not be persisted, this is not a way to create roles. Operation ID: tokens_create_token ## List Refresh Tokens - [GET /v1/tokens](https://docs.synqly.com/api-reference/management/tokens/tokens_list.md): Returns a list of all RefreshToken objects belonging to the Authorization Bearer token. For more infromation on Tokens, refer to Authentication. Operation ID: tokens_list ## Create MCP Token - [POST /v1/tokens/mcp](https://docs.synqly.com/api-reference/management/tokens/tokens_create_mcp_token.md): Create a token for MCP authentication. This token is soley for MCP authentication and cannot authenticate with any other API. Operation ID: tokens_create_mcp_token ## Create Integration Token - [POST /v1/tokens/{accountId}/{integrationId}](https://docs.synqly.com/api-reference/management/tokens/tokens_create_integration_token.md): Create an adhoc integration token restricted to a single integration. The token used to call this API must have the necessary permissions to create tokens and have access to the account and integration IDs. Permissions may not be escalated, so any operation that the invocation token does not have access to cannot be granted. Operation ID: tokens_create_integration_token ## Create Synqly Integrations Token - [POST /v1/tokens/synqly-integrations](https://docs.synqly.com/api-reference/management/tokens/tokens_create_synqly_integrations_token.md): {% admonition type="warning" name="In Development" %} This operation is actively being developed. Breaking changes should be expected. Please contact us before using this operation. {% /admonition %} Create a token for managing Synqly-specific integrations. This token can be used with the integration APIs to manage integrations for Synqly-specific integrations, such as status events exports and async operations. See the Synqly Integrations documentation for more information. Operation ID: tokens_create_synqly_integrations_token ## Delete Adhoc Refresh Token - [DELETE /v1/tokens/{refreshTokenId}](https://docs.synqly.com/api-reference/management/tokens/tokens_delete.md): Deletes the Refresh Token with id {id}. This immediately invalidates both the primary and secondary token pairs. Operation ID: tokens_delete ## Get Refresh Token - [GET /v1/tokens/{refreshTokenId}/info](https://docs.synqly.com/api-reference/management/tokens/tokens_get.md): Returns the RefreshToken object matching {tokenId}. For more information on Tokens, refer to Authentication. Operation ID: tokens_get ## Reset Refresh Token - [PUT /v1/tokens/{ownerId}/{refreshTokenId}/reset](https://docs.synqly.com/api-reference/management/tokens/tokens_reset.md): This API can be used to reset Organization or Integration RefreshTokens. Resets the specified RefreshToken and expiration time, removes the secondary, and resets access and refresh tokens for the RefreshToken object matching {ownerId}/{refreshTokenId} where ownerId is an organizationId or integrationId. An Organization token with administrator permissions can be used to perform this operation. Operation ID: tokens_reset ## Rotate Refresh Token - [PUT /v1/tokens/{ownerId}/{refreshTokenId}/rotate](https://docs.synqly.com/api-reference/management/tokens/tokens_rotate.md): This API can be used to rotate an Organization or Integration RefreshTokens. Rotate deletes the existing Secondary TokenPair, moves the Primary TokenPair to the Secondary TokenPair and creates a new Primary TokenPair for the RefreshToken object matching {ownerId}/{refreshTokenId} where ownerId is an organizationId or integrationId. An Organization token with administrator permissions can be used to perform this operation. Operation ID: tokens_rotate ## Refresh Token Pair - [PUT /v1/tokens/{refreshTokenId}/refresh](https://docs.synqly.com/api-reference/management/tokens/tokens_refresh.md): Creates a new primary TokenPair object, setting the secondary TokenPair to the previous primary value. Call /v1/removeSecondaryToken to remove this secondary backup once the new primary TokenPair has been deployed. Operation ID: tokens_refresh ## Remove Secondary Token - [DELETE /v1/tokens/{refreshTokenId}/secondary](https://docs.synqly.com/api-reference/management/tokens/tokens_remove_secondary.md): Deletes the secondary TokenPair for the RefreshToken object matching {refreshTokenId}. Operation ID: tokens_remove_secondary