Post
/api/v1/users.createToken
As a workspace admin, you can create temporary authentication tokens for users. This is the same type of session authentication token a user gets via login and expires the same way.
- To use this endpoint, you must set a secret with the
CREATE_TOKENS_FOR_USERS_SECRETenvironment variable in your deployment configuration. This secret will be used to authorize all requests made to this endpoint. - For SaaS workspaces, contact support to set this variable.
- Permission required:
user-generate-access-token - The maximum number of login tokens per user is 50. See this GitHub PR for details.
Changelog
| Version | Description |
|---|---|
| 8.0.0 | Added CREATE_TOKENS_FOR_USERS_SECRET environment variable to define a shared secret that will be used to authorize this endpoint. |
| 2.1.0 | Added ENV VAR to be able to use this endpoint (process.env.CREATE_TOKENS_FOR_USERS). |
| 0.56.0 | Added |
Header parameters
X-Auth-Token
stringRequired
The authenticated user token.
ExampleRScctEHSmLGZGywfIhWyRpyofhKOiMoUIpimhvheU3f
X-User-Id
stringRequired
The authenticated user ID.
ExamplerbAXPnMktTFbNpwtJ
Body parameters
Example
{
"userId": "BsNr28znDkG8aeo7W",
"secret": "pass123"
}object
userId
string Required
The ID of the user you want to generate a token for.
ExampleBsNr28znDkG8aeo7W
secret
string Required
The secret defined in the CREATE_TOKENS_FOR_USERS_SECRET environment variable. Without the valid secret, you can't access this endpoint.
Examplepass123
Responses
200
Success Example
{
"data": {
"userId": "BsNr28znDkG8aeo7W",
"authToken": "2jdk99wuSjXPO201XlAks9sjDjAhSJmskAKW301mSuj9Sk"
},
"success": true
}object
data
object
userId
string
authToken
string
success
boolean
400
Bad Request
Invalid user
{
"success": false,
"error": "The required \"userId\" or \"username\" param was not provided [error-user-param-not-provided]",
"errorType": "error-user-param-not-provided"
}Invalid secret
{
"success": false,
"error": "Not authorized [error-not-authorized]",
"errorType": "error-not-authorized"
}object
success
boolean
error
string
errorType
string
401
Unauthorized
Authorization Error
{
"status": "error",
"message": "You must be logged in to do this."
}object
status
string
message
string