I am trying to audit the API tokens grammatically, so that i can notify users whose token is old and should be rotated.
I am testing using graphql explorer running
{
organization(slug: $ORG_SLUG) {
auditEvents(first: 500, type: API_ACCESS_TOKEN_CREATED) {
edges {
node {
type
occurredAt
actor {
name
}
subject {
name
type
}
data
}
}
}
}
}
returns:
{
"data": {
"organization": {
"auditEvents": {
"edges": []
}
}
}
}```
I see other events just none to do with API keys. Is there another way for me to get a list of API_KEYS created?
Hey @chanukov!
Thank you for raising this, I think you may have run into a bug in the GraphQL API. Since I was able to reproduce the same results, I’ll raise this with the team to have it looked at.
Thanks for checking with us here! As we are currently working on other priority tasks, we don’t have a timeframe yet on this one. We will update you as soon as we have any info on this.
Hello, I’m bumping this thread as we’re still trying to use the GraphQL API. Is there any updated ETA on a fix for this bug or any hope that it’s priority can be increased?
I just tried to manually parse the API_ACCESS_TOKEN_CREATED events from all entries in the audit log, but they aren’t there. So no matter what the API doesn’t return any info on these events, even when not querying for them explicitly.
Unfortunately, it is still not possible to get this value via the GraphQL API. API access tokens are not associated with an organization, but rather with individual users and because of that, you won’t see them in the audit events exposed via the API which are tied to a Buildkite organization.
I’ll raise this with the team again, but I can’t promise any timeframes as to when it will be changed - we’ll be sure to update this thread when there is more information to share!
