list_api_tokens
Lists API tokens for a specific LogicMonitor user, enabling you to audit API access, check last usage, and identify unused or stale tokens.
Instructions
List API tokens for a specific user in LogicMonitor (LM) monitoring.
Returns: Array of API tokens for specified user with: id, note (description), created date, last used date, status (active/inactive), access ID, roles inherited from user.
What are API tokens: Authentication credentials for LogicMonitor REST API. Alternative to username/password for programmatic access. Each token inherits permissions from its user.
When to use:
Audit API access per user
Find unused/stale tokens for security cleanup
Check last usage time
Inventory API integrations
Before creating new token (check if existing one available)
Security considerations:
Each token has Access ID and Access Key (like username/password for API)
Token inherits all permissions from user (if user is admin, token has admin rights)
Tokens never expire automatically (must be manually revoked)
Last used date helps identify unused tokens that should be removed
Common use cases:
Security audit: "Find all API tokens, check last usage, remove stale ones"
Integration tracking: "Which integrations are using this user's tokens?"
Access review: "What API access does this user have?"
Token rotation: "List all tokens before rotating credentials"
Best practices:
Create service accounts (dedicated users) for API integrations instead of personal user tokens
Add descriptive notes to tokens (e.g., "Terraform automation", "Grafana integration")
Regularly audit and remove unused tokens (check lastUsedOn timestamp)
Use least-privilege: Create users with minimal required permissions, then create tokens for those users
Security workflow:
List all users with "list_users"
For each user, use this tool to check their API tokens
Review lastUsedOn - if >90 days, consider revoking
Check note field to understand token purpose
Workflow: Use this tool with userId from "list_users" to audit that user's API access.
Important: A negative "total" value in the response indicates incomplete results. Use pagination (size/offset parameters) or set autoPaginate: true to retrieve all items.
Related tools: "list_users" (find userId), "create_api_token" (generate new), "delete_api_token" (revoke access).
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| userId | Yes | The user ID | |
| size | No | Number of results per page (default: 50, max: 1000). | |
| offset | No | Starting offset for pagination (default: 0). Use this to skip a specific number of results. | |
| autoPaginate | No | Automatically fetch all pages (default: false). When true, fetches all results across multiple pages. When false, returns only the requested page. Use false for large result sets to avoid long response times. | |
| filter | No | Filter expression using LogicMonitor query syntax. Examples: name:*prod*, displayName~*server*, id>100, hostStatus:normal. Available operators: : (equals), ~ (includes), !: (not equals), !~ (not includes), >: (greater than or equals), <: (less than or equals), > (greater than), < (less than). Multiple conditions: Use comma (,) for AND, use || for OR. Do NOT use &&. | |
| fields | No | Comma-separated list of fields to include in response. Examples: "id,displayName,hostStatus" or use "*" for all fields. Omit this parameter to receive a curated set of commonly used fields. |