Token Management
Create, list, and revoke SkillReg API tokens for programmatic access. Manage CI/CD integrations and automated skill publishing workflows.
Overview
API tokens let you access the SkillReg registry programmatically — from CI/CD pipelines, automation scripts, or any environment where browser login isn't practical. Each token is scoped to an organization and carries one or more permission scopes: read, write, or admin.
Create a Token
skillreg token createCreate a new API token for programmatic access.
| Flag | Description | Default |
|---|---|---|
| --name <name> | Token name (required) | — |
| --scopes <scopes> | Comma-separated scopes: read, write, admin | read,write |
| --org <slug> | Organization slug | — |
skillreg token create --name "ci-deploy" --scopes read,write --org acme
✓ Token created successfully!
Name: ci-deploy
Scopes: read, write
Token: sr_live_a1b2c3d4e5f6g7h8i9j0...
⚠ Copy this token now — it will not be shown again.Save the token immediately
The full token value is displayed only once at creation time. Store it in a secure location (e.g. your CI/CD secrets manager). If you lose it, you'll need to revoke the token and create a new one.
List Tokens
skillreg token listList all API tokens for an organization.
| Flag | Description | Default |
|---|---|---|
| --org <slug> | Organization slug | — |
skillreg token list --org acme
NAME PREFIX SCOPES LAST USED
ci-deploy sr_live_a1b2 read, write 2 hours ago
bot-readonly sr_live_f3g4 read 3 days ago
admin-key sr_live_x9y0 admin neverRevoke a Token
skillreg token revoke<id>Permanently revoke an API token. This action cannot be undone.
| Flag | Description | Default |
|---|---|---|
| --org <slug> | Organization slug | — |
skillreg token revoke clx7f2k3a --org acme
✓ Token "ci-deploy" has been revoked.Finding the token ID
Get the token ID from skillreg token list. The ID is a unique identifier, distinct from the token name or prefix.
Token Scopes
Each scope includes the permissions of the scopes below it. For example, write implicitly includes read.
read— Pull skills, search the registry, list skills, and view skill info.write— Push skills to the registry. Includes allreadpermissions.admin— Manage tokens, organization settings, and members. Includes allwritepermissions.
Least privilege
Follow the principle of least privilege. CI/CD pipelines that only pull skills should use read-only tokens. Reserve admin tokens for automation that manages org settings.
Token Formats
SkillReg tokens use a prefix convention to identify their type at a glance:
sr_live_*— Production tokens. Used for all standard API access.sr_test_*— Test tokens. Used in development and testing environments.sk_*— Legacy format. Still supported for backward compatibility but new tokens always use thesr_prefix.
Tokens are encoded in base64url and are safe to use in HTTP headers, environment variables, and configuration files.