By default, some cluster-level API tokens are generated with infinite time-to-live (
ttl=0). In other words, API tokens with
ttl=0 never expire unless you invalidate them. Tokens are not invalidated by changing a password.
You can deactivate API tokens by deleting them or by deactivating the user account.
To delete a token,
Go to the list of all tokens in the Rancher API view at
Access the token you want to delete by its ID. For example,
Here is the complete list of tokens that are generated with
||Token for agent deployment|
||Token for compose|
||Token for Helm chart deployment|
||Pipeline token for project|
||Token for drain (we use