Table: launchdarkly_access_token - Query LaunchDarkly Access Tokens using SQL
LaunchDarkly is a feature management platform that enables teams to safely deliver and control software through feature flags. Access Tokens in LaunchDarkly are used to authenticate API calls. They can be scoped to provide either global or project-specific access.
Table Usage Guide
The launchdarkly_access_token
table provides insights into access tokens within LaunchDarkly's feature management platform. As a developer or security analyst, explore token-specific details through this table, including scopes, projects, and associated metadata. Utilize it to uncover information about tokens, such as those with global access, the projects associated with each token, and the verification of token activities.
Examples
Basic info
Explore the creation and last usage dates, along with the owner and role details, of access tokens to help manage their lifecycle and maintain security.Discover the segments that have been recently used in the LaunchDarkly platform. This allows for an assessment of user activity and role assignment, which can be helpful in understanding platform usage patterns and managing access control.
select name, id, creation_date, owner_id, role, last_usedfrom launchdarkly_access_token;
select name, id, creation_date, owner_id, role, last_usedfrom launchdarkly_access_token;
List of access tokens with their member information and date of creation
Explore which access tokens are associated with specific members and when they were created. This is useful for auditing purposes, enabling you to track access and identify any potential security risks.Explore the relationship between access tokens and their associated member information, including their unique identifiers and roles. This can be useful for understanding user activity and permissions, as well as tracking the creation dates of these tokens for security or auditing purposes.
select name, id, member ->> '_id' as member_id, member ->> 'email' as member_email_id, (member ->> 'firstName') || ' ' || (member ->> 'lastName') as member_name, member ->> 'role' as member_role, creation_datefrom launchdarkly_access_token;
select name, id, json_extract(member.value, '$._id') as member_id, json_extract(member.value, '$.email') as member_email_id, ( json_extract(member.value, '$.firstName') || ' ' || json_extract(member.value, '$.lastName') ) as member_name, json_extract(member.value, '$.role') as member_role, creation_datefrom launchdarkly_access_token, json_each(launchdarkly_access_token.member) as member;
List the access tokens that have been created in the last 30 days
Discover the access tokens that have been recently created to understand any potential security risks or unusual activity. This can be useful in maintaining the security of your system by identifying any unauthorized or unexpected tokens.Discover the access tokens that were generated in the past month. This can help you monitor recent activity and manage access control effectively.
select name, id, creation_date, owner_id, rolefrom launchdarkly_access_tokenwhere creation_date >= now() - interval '30' day;
select name, id, creation_date, owner_id, rolefrom launchdarkly_access_tokenwhere creation_date >= date('now', '-30 day');
List the access tokens which haven't been used in the last 30 days
Explore which access tokens have been inactive for the past 30 days. This can help in identifying unused or potentially expired tokens, aiding in system clean-up and security measures.Explore which access tokens have remained inactive for the past 30 days. This can be useful for identifying potential security risks or cleaning up unused resources.
select id, name, last_usedfrom launchdarkly_access_tokenwhere last_used <= now() - interval '30' day;
select id, name, last_usedfrom launchdarkly_access_tokenwhere last_used <= datetime('now', '-30 day');
Access key count by member name
Determine the number of access keys associated with each member in your LaunchDarkly system. This can help manage and monitor user permissions and security within your organization.Analyze the number of access keys associated with each member to understand their level of system access. This could be useful for auditing purposes or to identify potential security risks.
select (member ->> '_id') as member_id, (member ->> 'firstName') || ' ' || (member ->> 'lastName') as member_name, count (id) as access_key_countfrom launchdarkly_access_tokengroup by member, (member ->> '_id');
select json_extract(member.value, '$._id') as member_id, json_extract(member.value, '$.firstName') || ' ' || json_extract(member.value, '$.lastName') as member_name, count (id) as access_key_countfrom launchdarkly_access_token, json_each(member)group by member.value, json_extract(member.value, '$._id');
Get the details of access tokens with read-only permission
Explore which access tokens have read-only permissions to understand their usage and ownership details. This can help in maintaining security by ensuring that unauthorized changes aren't being made.Explore which access tokens have been assigned read-only permissions to understand their usage and ownership. This could be useful for auditing purposes, ensuring that only appropriate users have read-only access and identifying any potential security risks.
select name, id, creation_date, owner_id, role, last_usedfrom launchdarkly_access_tokenwhere role = 'reader';
select name, id, creation_date, owner_id, role, last_usedfrom launchdarkly_access_tokenwhere role = 'reader';
Schema for launchdarkly_access_token
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
creation_date | timestamp with time zone | Creation date of the access token. | |
custom_role_ids | jsonb | A list of custom role IDs to use as access limits for the access token. | |
default_api_version | bigint | The default API version for this token. | |
description | text | A description for the access token. | |
id | text | = | A unique identifier of the access token. |
inline_role | jsonb | An array of policy statements, with three attributes: effect, resources, actions. May be used in place of a built-in or custom role. | |
last_modified | timestamp with time zone | Last modified date of the access token. | |
last_used | timestamp with time zone | Date and time when the access token was last used. | |
links | jsonb | The location and content type of related resources. | |
member | jsonb | Summary of the member like email, first name, last name etc. | |
member_id | text | A unique identifier of the member of the organization. | |
name | text | The name of the access token. | |
owner_id | text | A unique identifier of the owner of the organization. | |
role | text | Built-in role for the token. | |
service_token | boolean | Whether this is a service token or a personal token. | |
title | text | Title of the resource. | |
token | text | The token value. When creating or resetting, contains the entire token value. Otherwise, contains the last four characters. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- launchdarkly
You can pass the configuration to the command with the --config
argument:
steampipe_export_launchdarkly --config '<your_config>' launchdarkly_access_token