infisical service-token

This command is deprecated and will be removed in the near future. Please switch to using Machine Identities for authenticating with Infisical.

infisical service-token create --scope=dev:/global --scope=dev:/backend --access-level=read --access-level=write

Description

The Infisical service-token command allows you to manage service tokens for a given Infisical project. With this command, you can create, view, and delete service tokens.

service-token create

Use this command to create a service token

$ infisical service-token create --scope=dev:/backend/** --access-level=read --access-level=write

Flags

--scope

infisical service-token create --scope=dev:/global --scope=dev:/backend/** --access-level=read

Use the scope flag to define which environments and paths your service token should be authorized to access.

The value of your scope flag should be in the following <environment slug>:<path>. Here, environment slug refers to the slug name of the environment, and path indicates the folder path where your secrets are stored.

For specifying multiple scopes, you can use multiple —scope flags.

The path can be a Glob pattern

--projectId

infisical service-token create --scope=dev:/global --access-level=read --projectId=63cefb15c8d3175601cfa989

The project ID you’d like to create the service token for. By default, the CLI will attempt to use the linked Infisical project in .infisical.json generated by infisical init command.

--name

--expiry-seconds

infisical service-token create --scope=dev:/global --access-level=read --expiry-seconds 120

Set the service token’s expiration time in seconds from now. To never expire set to zero.

Default: 1 day

--access-level

--token-only

Command line

​Description

Description