Import a token

Add a token through import

Vault allows users to store Pangea API tokens as a special type of secret in the Vault service. Unlike regular secrets, Pangea API tokens can be configured with an automated rotation policy, which will generate a new Pangea API token, with the same permissions, on a defined interval.

Only one Vault item can point to a Pangea API token, meaning two entries in the Vault cannot be created to point to the same token. Additionally, a Pangea API token from another project may not be stored in a Vault configured in a different project.

note

A Pangea API token may only be imported via API. However, in the Vault UI, a Pangea API token may be generated as well. This capability is not available via API.

Language

Python

JavaScript

Go

C#

Java

import os

import pangea.exceptions as pe
from pangea.config import PangeaConfig
from pangea.services import Vault

def import_token(token_name, token):
    token = os.getenv("PANGEA_VAULT_TOKEN")
    domain = os.getenv("PANGEA_DOMAIN")
    config = PangeaConfig(domain=domain)
    vault = Vault(token, config=config)
    token_id = None

    try:
        # store a token
        create_response = vault.pangea_token_store(token, token_name)
        token_id = create_response.result.id

    except pe.PangeaAPIException as e:
        print(f"Vault Request Error: {e.response.summary}")
        for err in e.errors:
            print(f"\t{err.detail} \n")

    return token_id

Was this article helpful?

Contact us