GET
/
apps
/
{app_id}
/
auth
/
tokens
curl --request GET \
  --url https://api.onesignal.com/apps/{app_id}/auth/tokens \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: <content-type>'
{
  "tokens": [
    {
      "token_id": "<string>",
      "updated_at": "<string>",
      "created_at": "<string>",
      "name": "<string>",
      "ip_allowlist_mode": "disabled",
      "ip_allowlist": [
        "<string>"
      ]
    }
  ]
}

Overview

This API is helpful for auditing and managing the API keys (Rich Authentication Tokens) associated with an app. It returns metadata for each token, including:

  • Token name and ID
  • IP allow list mode and associated CIDR ranges (if any)
  • Creation and last updated timestamps

For background on different OneSignal API keys, see Keys & IDs.


How to use this API

Use your Organization API Key, to authenticate. This key is different from the standard REST API key.


Headers

Content-Type
string
default:application/json
required
Authorization
string
default:Key YOUR_ORGANIZATION_API_KEY
required

Your Organization API key with prefix Key. See Keys & IDs.

Path Parameters

app_id
string
default:YOUR_APP_ID
required

Your OneSignal App ID in UUID v4 format. See Keys & IDs.

Response

200
application/json

200

The response is of type object.