Manage tokens

Astra Streaming uses two types of tokens that you can generate in Astra DB.

Astra DB application tokens

Astra DB application tokens are access tokens for authentication to the Astra Portal and the Astra Streaming DevOps API.

You need an application token for actions related to Astra DB organizations and databases.

For information about creating and managing Astra DB application tokens, see Manage application tokens.

Astra Streaming Pulsar tokens

Astra Streaming Pulsar token are Pulsar JSON Web Token (JWT) for authentication to your Astra Streaming Pulsar cluster through the Pulsar CLI, runtime clients, or the Pulsar Admin API. If necessary, Astra DB forwards the JWT to the Pulsar cluster for role verification.

You need a Pulsar JWT for actions related to Pulsar tenants, namespaces, messages, topics, and functions, as well as Pulsar CLI/API commands.

You can generate, copy, or delete Astra Streaming Pulsar tokens for each of your Astra Streaming tenants:

  1. In the Astra Portal navigation menu, click Streaming.

  2. Select the tenant for which you want to manage tokens.

  3. Click the Settings tab.

  4. In the Token Management section, click Create Token.

  5. Select a token expiration from 7 days to never.

    Practice responsible credential management:

    • Be aware of the security implications for tokens that never expire.

    • Consider how long you actually plan to use the token.

  6. Copy the token and store it securely.

    The token is shown only once.

  7. To delete a token, click Delete.

    Ensure you update your application with a new, valid Pulsar token before deletion. Applications using the deleted Pulsar token will no longer be able to connect to Astra Streaming.

Usage examples

The following examples show how you can use the two tokens for different actions.

Track monthly usage

Use an Astra DB application token to track monthly usage. For example:

curl -sS --location -X GET "https://api.astra.datastax.com/v2/databases/DATABASE_ID" \
--header "Accept: application/json" \
--header "Authorization: Bearer APPLICATION_TOKEN"

Monitor a topic’s health

Use a Pulsar token to monitor a topic’s health. For example, the following command would authenticate through a Pulsar token declared in the pulsar-admin binary configuration:

bin/pulsar-admin topics stats

Monitor a connector’s health

Use a Pulsar token to monitor a connector’s health. For example:

bin/pulsar-admin sinks status

Billing report by tenant

Use an Astra DB application token to get tenant billing reports. For example:

curl -sS --location -X GET "https://api.astra.datastax.com/v2/stats/namespaces/TENANT_NAME" \
--header "Accept: application/json" \
--header "Authorization: Bearer APPLICATION_TOKEN"

See also

Was this helpful?

Edit this page

Give Feedback

How can we improve the documentation?

© 2024 DataStax | Privacy policy | Terms of use

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com