Skip to main content

Active Token Inspector

See all currently active tokens with agent name, scopes, expiry, and custom TTL status. Revoke any token instantly — takes effect within seconds.

Token History

Every token ever issued, including expired and revoked ones, with the reason it ended:
ReasonWhat happened
Normal expiryToken reached its expiry time
Manual revocationRevoked by an operator
System killRevoked automatically (agent revoked, budget exhausted)
Key compromisedSigning key was marked compromised

Revocation Certificates

Generate a cryptographically signed Revocation Certificate for any token — useful for compliance audits. Includes token metadata, termination reason, and the identity of who revoked it.

Signing Key Rotation

Rotate your workspace’s signing key from Settings → Security → Signing Keys. Existing tokens remain valid until they expire — only new tokens use the new key. If a key is ever compromised, use Emergency Compromise to immediately revoke all tokens signed with that key.