infisical service-token
Manage Infisical service tokens
infisical service-token create --scope=dev:/global --scope=dev:/backend --access-level=read --access-level=writeDescription
The Infisical service-token command allows you to manage service tokens for a given Infisical project.
With this command, you can create, view, and delete service tokens.
Use this command to create a service token
$ infisical service-token create --scope=dev:/backend/** --access-level=read --access-level=writeFlags
infisical service-token create --scope=dev:/global --scope=dev:/backend/** --access-level=readUse the scope flag to define which environments and paths your service token should be authorized to access.
The value of your scope flag should be in the following <environment slug>:<path>.
Here, environment slug refers to the slug name of the environment, and path indicates the folder path where your secrets are stored.
For specifying multiple scopes, you can use multiple —scope flags.
The path can be a Glob pattern
infisical service-token create --scope=dev:/global --access-level=read --projectId=63cefb15c8d3175601cfa989The project ID you’d like to create the service token for.
By default, the CLI will attempt to use the linked Infisical project in .infisical.json generated by infisical init command.
infisical service-token create --scope=dev:/global --access-level=read --name service-token-nameService token name
Default: Service token generated via CLI
infisical service-token create --scope=dev:/global --access-level=read --expiry-seconds 120Set the service token’s expiration time in seconds from now. To never expire set to zero.
Default: 1 day
infisical service-token create --scope=dev:/global --access-level=read --access-level=writeThe type of access the service token should have. Can be read and or write
infisical service-token create --scope=dev:/global --access-level=read --access-level=write --token-onlyWhen true, only the service token will be printed
Default: false
Was this page helpful?