GetWorkspaceDataplaneAccessToken
GET/api/v1/workspaces/:workspace_id/dataplane-access-token
Mint a short-lived DataplaneUserJwt that the caller can present directly to data-plane services (telemetry, logs) for reads against this workspace.
The token carries a single ws:read grant bound to this workspace and the
workspace's dataplane_id; the caller is expected to cache it in memory and
refresh before expires_at. Token TTL is server-controlled and short
(minutes) so leaked tokens have a tight blast radius.
Requires READ permission on the workspace.
Request
Responses
- 200
- 400
- 401
- 403
- 404
Request fulfilled, document follows
Response Headers
Bad request syntax or unsupported method
No permission -- see authorization schemes
Request forbidden -- authorization will not help
Nothing matches the given URI