> ## Documentation Index
> Fetch the complete documentation index at: https://developer.rocket.chat/llms.txt
> Use this file to discover all available pages before exploring further.
# Generate Personal Access Token
> Permission required: `create-personal-access-tokens`.
* This endpoint requires two-factor authentication.
* Note that the generated access tokens are irrecoverable, so storing them safely is essential. If a token is lost or forgotten, it can be regenerated or deleted.
* When making calls to the API that mandate authentication, include the generated token in the `X-Auth-Token` header and your user ID in the `X-User-Id` header to authenticate the requests.
Visit the Personal Access Token user guide for more details.
### Changelog
| Version | Description |
| ---------------- | ------------|
|3.1.0 | Added `bypassTwoFactor` param |
|0.69.0 | Added |
## OpenAPI
````json POST /api/v1/users.generatePersonalAccessToken
{
"openapi": "3.0.0",
"info": {
"version": "1.0.0",
"title": "User Management"
},
"servers": [
{
"url": "https://apiexplorer.support.rocket.chat"
}
],
"tags": [
{
"name": "LDAP"
},
{
"name": "Permissions"
},
{
"name": "Roles"
},
{
"name": "Users"
}
],
"paths": {
"/api/v1/users.generatePersonalAccessToken": {
"parameters": [],
"post": {
"summary": "Generate Personal Access Token",
"operationId": "post-api-v1-users.generatePersonalAccessToken",
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"token": {
"type": "string"
},
"success": {
"type": "boolean"
}
}
},
"examples": {
"Success Example": {
"value": {
"token": "2jdk99wuSjXPO201XlAks9sjDjAhSJmskAKW301mSuj9Sk",
"success": "true"
}
}
}
}
}
},
"400": {
"description": "Bad Request",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"success": {
"type": "boolean"
},
"error": {
"type": "string"
},
"errorType": {
"type": "string"
},
"details": {
"type": "object",
"properties": {
"method": {
"type": "string"
},
"codeGenerated": {
"type": "boolean"
},
"availableMethods": {
"type": "array",
"items": {
"type": "object",
"properties": {}
}
}
}
}
}
},
"examples": {
"Example 1": {
"value": {
"success": "false",
"error": "TOTP Required [totp-required]",
"errorType": "totp-required",
"details": {
"method": "password",
"codeGenerated": "false",
"availableMethods": []
}
}
},
"Example 2": {
"value": {
"success": "false",
"error": "The 'tokenName' param is required"
}
},
"Example 3": {
"value": {
"success": "false",
"error": "Not Authorized [not-authorized]",
"errorType": "not-authorized",
"details": {
"method": "personalAccessTokens:generateToken"
}
}
}
}
}
}
},
"401": {
"$ref": "#/components/responses/authorizationError"
}
},
"description": "Permission required: `create-personal-access-tokens`. \n\n* This endpoint requires two-factor authentication.\n\n* Note that the generated access tokens are irrecoverable, so storing them safely is essential. If a token is lost or forgotten, it can be regenerated or deleted.\n* When making calls to the API that mandate authentication, include the generated token in the `X-Auth-Token` header and your user ID in the `X-User-Id` header to authenticate the requests.\nVisit the Personal Access Token user guide for more details.\n\n### Changelog\n| Version | Description |\n| ---------------- | ------------|\n|3.1.0 | Added `bypassTwoFactor` param |\n|0.69.0 | Added |",
"parameters": [
{
"$ref": "#/components/parameters/Auth-Token"
},
{
"$ref": "#/components/parameters/UserId"
},
{
"$ref": "#/components/parameters/x-2fa-code"
},
{
"$ref": "#/components/parameters/x-2fa-method"
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"tokenName": {
"type": "string",
"description": "The name of the token."
},
"bypassTwoFactor": {
"type": "boolean",
"description": "If 2FA requirement should be ignored when using this token.",
"default": "false"
}
},
"required": [
"tokenName"
]
},
"examples": {
"Example 1": {
"value": {
"tokenName": "mypersonaltoken",
"bypassTwoFactor": "false"
}
}
}
}
}
},
"tags": [
"Users"
]
}
}
},
"components": {
"responses": {
"authorizationError": {
"description": "Unauthorized",
"content": {
"application/json": {
"schema": {
"type": "object",
"properties": {
"status": {
"type": "string"
},
"message": {
"type": "string"
}
}
},
"examples": {
"Authorization Error": {
"value": {
"status": "error",
"message": "You must be logged in to do this."
}
}
}
}
}
}
},
"parameters": {
"Auth-Token": {
"name": "X-Auth-Token",
"in": "header",
"description": "The authenticated user token.",
"required": "true",
"schema": {
"type": "string"
},
"example": "RScctEHSmLGZGywfIhWyRpyofhKOiMoUIpimhvheU3f"
},
"UserId": {
"name": "X-User-Id",
"in": "header",
"description": "The authenticated user ID.",
"required": "true",
"schema": {
"type": "string"
},
"example": "rbAXPnMktTFbNpwtJ"
},
"x-2fa-code": {
"name": "x-2fa-code",
"in": "header",
"description": "Enter the 2FA code. This parameter is required if 2FA is enabled in your workspace. See the Introduction to Two-Factor Authentication document for details.",
"schema": {
"type": "string"
},
"example": "148750"
},
"x-2fa-method": {
"name": "x-2fa-method",
"in": "header",
"schema": {
"type": "string"
},
"description": "Enter the method with which you get the 2FA code. It can be `email`, `totp`, or `password`. This parameter is required if 2FA is enabled in your workspace."
}
}
}
}
````