{"id": "authentication:authentication-cli-create-token", "page": "authentication", "ref": "authentication-cli-create-token", "title": "datasette create-token", "content": "You can also create tokens on the command line using the  datasette create-token  command. \n                 This command takes one required argument - the ID of the actor to be associated with the created token. \n                 You can specify a  -e/--expires-after  option in seconds. If omitted, the token will never expire. \n                 The command will sign the token using the  DATASETTE_SECRET  environment variable, if available. You can also pass the secret using the  --secret  option. \n                 This means you can run the command locally to create tokens for use with a deployed Datasette instance, provided you know that instance's secret. \n                 To create a token for the  root  actor that will expire in one hour: \n                 datasette create-token root --expires-after 3600 \n                 To create a token that never expires using a specific secret: \n                 datasette create-token root --secret my-secret-goes-here", "breadcrumbs": "[\"Authentication and permissions\", \"API Tokens\"]", "references": "[]"}
{"id": "cli-reference:cli-help-create-token-help", "page": "cli-reference", "ref": "cli-help-create-token-help", "title": "datasette create-token", "content": "Create a signed API token, see  datasette create-token . \n             [[[cog\nhelp([\"create-token\", \"--help\"]) \n             ]]] \n             Usage: datasette create-token [OPTIONS] ID\n\n  Create a signed API token for the specified actor ID\n\n  Example:\n\n      datasette create-token root --secret mysecret\n\n  To allow only \"view-database-download\" for all databases:\n\n      datasette create-token root --secret mysecret \\\n          --all view-database-download\n\n  To allow \"create-table\" against a specific database:\n\n      datasette create-token root --secret mysecret \\\n          --database mydb create-table\n\n  To allow \"insert-row\" against a specific table:\n\n      datasette create-token root --secret myscret \\\n          --resource mydb mytable insert-row\n\n  Restricted actions can be specified multiple times using multiple --all,\n  --database, and --resource options.\n\n  Add --debug to see a decoded version of the token.\n\nOptions:\n  --secret TEXT                   Secret used for signing the API tokens\n                                  [required]\n  -e, --expires-after INTEGER     Token should expire after this many seconds\n  -a, --all ACTION                Restrict token to this action\n  -d, --database DB ACTION        Restrict token to this action on this database\n  -r, --resource DB RESOURCE ACTION\n                                  Restrict token to this action on this database\n                                  resource (a table, SQL view or named query)\n  --debug                         Show decoded token\n  --plugins-dir DIRECTORY         Path to directory containing custom plugins\n  --help                          Show this message and exit. \n             [[[end]]]", "breadcrumbs": "[\"CLI reference\"]", "references": "[]"}