# Reveal personal access token (full secret) POST //localhost:8080/api/v1/pats/{id}/reveal Decrypts and returns the full PAT for MCP JSON. Owner or admin. Rate-limited. PATs created before ciphertext storage cannot be revealed — create a new PAT. Reference: https://api.alephant.io/api-reference/saa-s-api/personal-access-tokens/reveal-personal-access-token-full-secret ## OpenAPI Specification ```yaml openapi: 3.1.0 info: title: saas-openapi version: 1.0.0 paths: /api/v1/pats/{id}/reveal: post: operationId: reveal-personal-access-token-full-secret summary: Reveal personal access token (full secret) description: >- Decrypts and returns the full PAT for MCP JSON. Owner or admin. Rate-limited. PATs created before ciphertext storage cannot be revealed — create a new PAT. tags: - subpackage_personalAccessTokens parameters: - name: id in: path description: PAT UUID required: true schema: type: string - name: Authorization in: header description: Bearer JWT access token required: true schema: type: string - name: X-Workspace-Id in: header description: Workspace UUID required: true schema: type: string responses: '200': description: OK content: application/json: schema: $ref: >- #/components/schemas/internal_api_handlers_pats.RevealPATDataEnvelope '400': description: Bad Request content: application/json: schema: type: object additionalProperties: description: Any type '401': description: Unauthorized content: application/json: schema: type: object additionalProperties: description: Any type '403': description: Forbidden content: application/json: schema: type: object additionalProperties: description: Any type '404': description: Not Found content: application/json: schema: type: object additionalProperties: description: Any type '422': description: Reveal not available content: application/json: schema: type: object additionalProperties: description: Any type '429': description: Rate limit content: application/json: schema: type: object additionalProperties: description: Any type servers: - url: //localhost:8080 components: schemas: internal_api_handlers_pats.RevealPATResponse: type: object properties: fullToken: type: string title: internal_api_handlers_pats.RevealPATResponse internal_api_handlers_pats.RevealPATDataEnvelope: type: object properties: data: $ref: '#/components/schemas/internal_api_handlers_pats.RevealPATResponse' title: internal_api_handlers_pats.RevealPATDataEnvelope ``` ## SDK Code Examples ```python import requests url = "https://localhost:8080/api/v1/pats/id/reveal" headers = { "Authorization": "Authorization", "X-Workspace-Id": "X-Workspace-Id" } response = requests.post(url, headers=headers) print(response.json()) ``` ```javascript const url = 'https://localhost:8080/api/v1/pats/id/reveal'; const options = { method: 'POST', headers: {Authorization: 'Authorization', 'X-Workspace-Id': 'X-Workspace-Id'} }; try { const response = await fetch(url, options); const data = await response.json(); console.log(data); } catch (error) { console.error(error); } ``` ```go package main import ( "fmt" "net/http" "io" ) func main() { url := "https://localhost:8080/api/v1/pats/id/reveal" req, _ := http.NewRequest("POST", url, nil) req.Header.Add("Authorization", "Authorization") req.Header.Add("X-Workspace-Id", "X-Workspace-Id") res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := io.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` ```ruby require 'uri' require 'net/http' url = URI("https://localhost:8080/api/v1/pats/id/reveal") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true request = Net::HTTP::Post.new(url) request["Authorization"] = 'Authorization' request["X-Workspace-Id"] = 'X-Workspace-Id' response = http.request(request) puts response.read_body ``` ```java import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.Unirest; HttpResponse response = Unirest.post("https://localhost:8080/api/v1/pats/id/reveal") .header("Authorization", "Authorization") .header("X-Workspace-Id", "X-Workspace-Id") .asString(); ``` ```php request('POST', 'https://localhost:8080/api/v1/pats/id/reveal', [ 'headers' => [ 'Authorization' => 'Authorization', 'X-Workspace-Id' => 'X-Workspace-Id', ], ]); echo $response->getBody(); ``` ```csharp using RestSharp; var client = new RestClient("https://localhost:8080/api/v1/pats/id/reveal"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", "Authorization"); request.AddHeader("X-Workspace-Id", "X-Workspace-Id"); IRestResponse response = client.Execute(request); ``` ```swift import Foundation let headers = [ "Authorization": "Authorization", "X-Workspace-Id": "X-Workspace-Id" ] let request = NSMutableURLRequest(url: NSURL(string: "https://localhost:8080/api/v1/pats/id/reveal")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error as Any) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume() ```