List Personal Access Tokens
Review the current personal API keys before creating a new one or revoking an old one.
The browser PAT page is the clearest place to review label, scope, expiry, and status for existing keys.
- Open the correct PAT list surface.
- Read current token status safely.
- Use the list before create or revoke actions.
Where this happens
Same Task, Other Interfaces
Use the version that matches where you are working now. The subject matter stays the same; the delivery changes by surface.
Do the work
- 1. Open `/workspace/settings/security/pats`.
- 2. Review the visible token list and read the status chips for each key.
- 3. Use the list to decide whether you truly need a new key or whether an old key should be revoked.
- 4. Move into the create or revoke guide only after the existing key set is clear.
Keep Going in Sessions and Personal Tokens
Stay in the same interface and move to the next closest task in this topic when needed.
Review Security Sessions
Use the sessions page to understand the current browser security context and active session state.
Create a Personal Access Token
Create a human-owned API key with the narrowest useful scope set and store it safely because the raw token is only shown once.
Revoke a Personal Access Token
Revoke a human-owned API key by credential id when it is obsolete, leaked, or no longer appropriate for the workflow.
Nearby Guides
These guides stay close to the current workflow so you can keep moving without restarting discovery.
Create a Personal Access Token
Create a human-owned API key with the narrowest useful scope set and store it safely because the raw token is only shown once.
Revoke a Personal Access Token
Revoke a human-owned API key by credential id when it is obsolete, leaked, or no longer appropriate for the workflow.