# list_api_tokens (/docs/reference/mcp-tools/list_api_tokens)



{/* Generated by apps/docs/scripts/generate-mcp-pages.mjs — do not edit by hand. */}

List the holder’s own personal access tokens (never the secret).

|                     |                  |
| ------------------- | ---------------- |
| Required permission | `tokens:read`    |
| Capability ID       | `apiTokens.list` |
| Destructive         | No               |

## Parameters [#parameters]

This tool takes no parameters — call it with an empty object.

## Input schema (JSON Schema) [#input-schema-json-schema]

```json
{
  "type": "object",
  "properties": {},
  "additionalProperties": false
}
```

## Access control [#access-control]

A call succeeds only when the personal access token's scopes **and** the holder's role both allow `tokens:read` (effective permission = scope ∩ role, default-deny). The tool runs inside the token owner's organization — tenancy is never a parameter.