Aller au contenu principal
Jahia Store
FR

Personal API Tokens

supported
Télécharger 1.9.0

Informations

Identifiant du module
personal-api-tokens
Identifiant de groupe
org.jahia.modules
Statut
supported
Catégorie
Authentication
Auteur
JSG
Site web du développeur
http://www.jahia.com
Nécessite Jahia
8.1.3.0
Mis à jour
2026-07-09
Source
scm:git:git@github.com:Jahia/personal-api-tokens.git
Étiquettes
  • token
  • api
  • graphql
  • security
  • authentication

With the personal API tokens module, you can use tokens instead of your credentials to make calls to Jahia APIs, such as GraphQL API and others.

Documentation for the module is available on the Academy.

Captures d'écran

Versions

Improvements

  • Introduce security filter config to allow tokens as child type of jnt:user
Nécessite Jahia 8.1.3.0Mis à jour 2026-07-02

Improvements

  • Introduced a mechanism allowing modules to whitelist URLs with the urlPatterns property
Nécessite Jahia 8.1.3.0Mis à jour 2026-03-09

Misc

  • Improved documentation on personal-api-tokens for verifyToken, cli example, token Management and others
  • Updated webpack from 5.40.0 to 5.103.0
Nécessite Jahia 8.1.3.0Mis à jour 2025-12-22
  • Introduced a new permission admin-personal-api-tokens to make it possible for an admin to manage a user's personal API token.
Nécessite Jahia 8.1.3.0Mis à jour 2025-08-28
  • Extended graphql-annotation range following upgrade of GraphQL libraries in Jahia core

Note: This change was necessary for the module to be compatible with both Jahia 8.1 and Jahia 8.2 going forward. This particular release does not provide any improvements or bug fixes for environments running with Jahia 8.1x.

Nécessite Jahia 8.1.3.0Mis à jour 2024-04-30
  • Extended graphql-annotations compability range
  • Upgraded Jahia configuration plugin version
  • Removed the duplicated "resolutions" entry in package.json
Nécessite Jahia 8.1.3.0Mis à jour 2023-11-30
  • Updated jahia-depends property to have more accurate dependencies
Nécessite Jahia 8.1.3.0Mis à jour 2023-03-24
  • Added a new permission "Personal api tokens" (under "Developer tools") to restrict access to "My API tokens"
  • Added French and German translations
  • Upgraded packages to fix javascript vulnerabilities
  • Added noImportExport mixin to prevent export of the tokens
Nécessite Jahia 8.1.3.0Mis à jour 2022-11-15
  • Added a new permission "Personal api tokens" (under "Developer tools") to restrict access to "My API tokens"
jahia-dashboard 1.6.0 is required when updating to Personal API tokens 1.2.0
Nécessite Jahia 8.1.0.0Mis à jour 2022-10-18
  • Included personal-api-tokens module in the jahia build
  • Added the possibility to add scopes when creating a token
  • Updated code after GraphQL libraries upgrade (see GraphQL v2.7.0)
  • Updated dependencies after moving Security filter module into a Core bundle
  • Fixed issue with previous scope still selected when creating a new token
  • Fixed css issue when personal-api-token is deployed
Nécessite Jahia 8.1.0.0Mis à jour 2021-11-04
  • Added the possibility to register new servlets using api tokens
Nécessite Jahia 8.0.1.0Mis à jour 2022-04-29

This version of Personal API Tokens includes the following features:

  • My API tokens view to allow a user to create and manage his/her own tokens
  • User API Tokens view to allow an administrator to update/delete other users' tokens
  • Management of tokens through the API (create own/update/delete)
  • Management of tokens through the filesystem (create/update/delete)
Nécessite Jahia 8.0.1.0Mis à jour 2021-10-27

This version of Personal API Tokens only provides the token service (no GraphQL API, no GUI and valve are not configurable as there's no OSGi support for valves in Jahia 7).

Here are examples on how to use it. Note that to be able to run it in the groovy console you'll need to remove the line setResult("remove");. You can also add the script in a .groovy file and drop it in /digital-factory-data/patches

Create a token

setResult("remove");
org.jahia.services.content.JCRTemplate.getInstance().doExecuteWithSystemSession({ session ->
    org.jahia.osgi.BundleUtils.getOsgiService("org.jahia.modules.apitokens.TokenService", null)
        .tokenBuilder("/users/root", "test-token123456", session)
        .setToken("WtkC/5HJS6WYY0y2E3nFGAmmLoOxKhRPy2IY4GkWVvA=")
        .setActive(true)
        .setExpirationDate(new org.joda.time.DateTime('2021-12-31').toCalendar(Locale.getDefault()))
        .create()
    session.save(); })

Update a token

setResult("remove");
org.jahia.services.content.JCRTemplate.getInstance().doExecuteWithSystemSession({ session ->
    def service = org.jahia.osgi.BundleUtils.getOsgiService("org.jahia.modules.apitokens.TokenService", null)
    def tokenDetails = service.getTokenDetails("9201cd9b-4e62-415e-b523-e198dd7e4756", session)
    tokenDetails.setActive(false)
    service.updateToken(tokenDetails, session)
    session.save();
})

Remove a token

setResult("remove");
org.jahia.services.content.JCRTemplate.getInstance().doExecuteWithSystemSession({ session ->    org.jahia.osgi.BundleUtils.getOsgiService("org.jahia.modules.apitokens.TokenService", null).deleteToken("9201cd9b-4e62-415e-b523-e198dd7e4756", session)
    session.save();
})
Nécessite Jahia 7.3.1.0Mis à jour 2021-10-27