Generate Personal Access Token

Post
/api/v1/users.generatePersonalAccessToken

Permission required: create-personal-access-tokens.

  • This endpoint requires two-factor authentication.

  • Note that the generated access tokens are irrecoverable, so storing them safely is essential. If a token is lost or forgotten, it can be regenerated or deleted.

  • When making calls to the API that mandate authentication, include the generated token in the X-Auth-Token header and your user ID in the X-User-Id header to authenticate the requests. Visit the Personal Access Token user guide for more details.

Changelog

Version Description
3.1.0 Added bypassTwoFactor param
0.69.0 Added
Header parameters
X-Auth-Token
stringRequired

The authenticated user token.

ExampleRScctEHSmLGZGywfIhWyRpyofhKOiMoUIpimhvheU3f
X-User-Id
stringRequired

The authenticated user ID.

ExamplerbAXPnMktTFbNpwtJ
x-2fa-code
stringRequired

The 2fa code. See Introduction to Two-Factor Authentication.

Example148750
x-2fa-method
stringRequired

The desired method to get the 2FA code. It can be email, totp, or password.

Body parameters
Example 1
{
  "tokenName": "mypersonaltoken",
  "bypassTwoFactor": false
}
object
tokenName
string Required

The name of the token.

bypassTwoFactor
boolean

If 2FA requirement should be ignored when using this token.

Defaultfalse
Responses
200

OK

Success Example
{
  "token": "2jdk99wuSjXPO201XlAks9sjDjAhSJmskAKW301mSuj9Sk",
  "success": true
}
object
token
string
success
boolean
400

Bad Request

Example 1
{
  "success": false,
  "error": "TOTP Required [totp-required]",
  "errorType": "totp-required",
  "details": {
    "method": "password",
    "codeGenerated": false,
    "availableMethods": []
  }
}
Example 2
{
  "success": false,
  "error": "The 'tokenName' param is required"
}
Example 3
{
  "success": false,
  "error": "Not Authorized [not-authorized]",
  "errorType": "not-authorized",
  "details": {
    "method": "personalAccessTokens:generateToken"
  }
}
Expand All
object
success
boolean
error
string
errorType
string
details
object
method
string
codeGenerated
boolean
availableMethods
Array of object
object
401

Unauthorized

Authorization Error
{
  "status": "error",
  "message": "You must be logged in to do this."
}
object
status
string
message
string