Skip to content

Service Tokens List Columns

The Service Tokens list displays each token across several columns, each providing quick insight into the token's state and usage. This page explains what each column shows and how to interact with it — from left to right.

Permissions

Only users with the Admin role can view Service Tokens. See the Permissions page for details.

Info

For a detailed explanation of token states, expiration behavior, and usage tracking, see the How It Works page.

Service User

The leftmost column identifies the Service User that owns the token. Service Tokens are always tied to a Service User account, making it easy to track which automation the token belongs to.

The column displays:

  • Avatar — The Service User's profile picture or initials.
  • Name — The Service User's display name (e.g., svc-airflow).
  • Email — The Service User's email (e.g., svc-airflow@qualytics.ai). If name and email are unavailable, the Service User's internal ID is shown instead (e.g., svc-airflow@service).
  • Arrow icon — Click to open Settings → Security → Users pre-filtered by this Service User, useful for reviewing the user's role, team memberships, and other tokens.

service-user-column

Token

The Token column groups three visual elements: a status indicator (key icon), the token name, and the expiration. It provides the primary identification and state of each token at a glance.

token-column

Key Icon

A key icon with a colored background indicates the token's current state:

Color State Meaning
Green Active Valid token, can authenticate API requests.
Orange Revoked Token was deactivated by an admin and no longer authenticates.
Red Expired Token's expiration date has passed; API requests are rejected.

Name

The token name is an administrator-defined label assigned when the token was generated (e.g., Airflow DAG Orchestration). Names must be unique per Service User and help identify each token's purpose.

Expiration

Below the name, the expiration shows how long until the token becomes invalid, displayed as relative time (e.g., "Expires in 30 days"). Hover over the timestamp to see the exact date and time in your local timezone.

expiration-tooltip

Never Expiring

Tokens created with the Never expiration option display Never in this column. These tokens remain valid until explicitly revoked.

Already Expired

Tokens past their expiration date display Expired {relative time} ago (e.g., "Expired 3 months ago"). The tooltip still shows the original expiration date for audit reference.

Last Used

The Last Used column shows when the token was most recently used for an API request, displayed as relative time.

last-used-column-no-tooltip

Hover over the timestamp to see the exact date and time in your local timezone.

last-used-column

The column covers four scenarios:

  • Last Used — An active token in use displays the relative time since the last API request (e.g., "Last used 1 day ago").
  • Not Used Yet — The token has been generated but has not been used for any API request. The tooltip shows the creation date instead.
  • Revoked with Last Used — Revoked tokens retain their last used timestamp, helping administrators audit when they were last active before revocation.
  • Expired with Last Used — Expired tokens also retain the last used timestamp, useful for verifying whether the token was in active use before expiration.

Tip

Tokens that show Not used yet for an extended period may indicate the automation they were created for is no longer active. Consider revoking unused tokens to maintain security.

Status Badge

The rightmost column shows a colored badge indicating the token's state:

  • Active (green) — The token is valid and can authenticate API requests.
  • Revoked (orange) — The token has been deactivated and no longer authenticates.
  • Expired (red) — The token's expiration date has passed; API requests are rejected.

status-badge-states