Create API token
POST /api/admin/api-tokens
Create an API token of a specific type: one of client, admin, frontend.
Request
- application/json
Body
required
createApiTokenSchema
- MOD1
- MOD2
- MOD3
- MOD4
- expiresAt date-time
The time when this token should expire.
- type string required
Possible values: Value must match regular expression
^[Aa][Dd][Mm][Ii][Nn]$
An admin token. Must be the string "admin" (not case sensitive).
- tokenName string required
The name of the token.
- expiresAt date-time
The time when this token should expire.
- type string required
Possible values: Value must match regular expression
^[Aa][Dd][Mm][Ii][Nn]$
An admin token. Must be the string "admin" (not case sensitive).
- username string deprecated
The name of the token. This property was deprecated in v5. Use
tokenName
instead. - expiresAt date-time
The time when this token should expire.
- type string required
Possible values: Value must match regular expression
^([Cc][Ll][Ii][Ee][Nn][Tt]|[Ff][Rr][Oo][Nn][Tt][Ee][Nn][Dd])$
A client or frontend token. Must be one of the strings "client" or "frontend" (not case sensitive).
- environment string
The environment that the token should be valid for. Defaults to "default"
- project string
The project that the token should be valid for. Defaults to "*" meaning every project. This property is mutually incompatible with the
projects
property. If you specify one, you cannot specify the other. - projects string[]
A list of projects that the token should be valid for. This property is mutually incompatible with the
project
property. If you specify one, you cannot specify the other. - tokenName string required
The name of the token.
- expiresAt date-time
The time when this token should expire.
- type string required
Possible values: Value must match regular expression
^([Cc][Ll][Ii][Ee][Nn][Tt]|[Ff][Rr][Oo][Nn][Tt][Ee][Nn][Dd])$
A client or frontend token. Must be one of the strings "client" or "frontend" (not case sensitive).
- environment string
The environment that the token should be valid for. Defaults to "default"
- project string
The project that the token should be valid for. Defaults to "*" meaning every project. This property is mutually incompatible with the
projects
property. If you specify one, you cannot specify the other. - projects string[]
A list of projects that the token should be valid for. This property is mutually incompatible with the
project
property. If you specify one, you cannot specify the other. - username string deprecated
The name of the token. This property was deprecated in v5. Use
tokenName
instead.
- 201
- 401
- 403
- 415
The resource was successfully created.
Response Headers
location string
The location of the newly created resource.
- application/json
- Schema
- Example (from schema)
Schema
- secret string required
The token used for authentication.
- username string deprecated
This property was deprecated in Unleash v5. Prefer the
tokenName
property instead. - tokenName string required
A unique name for this particular token
- type string required
Possible values: [
client
,admin
,frontend
]The type of API token
- environment string
The environment the token has access to.
*
if it has access to all environments. - project string required
The project this token belongs to.
- projects string[] required
The list of projects this token has access to. If the token has access to specific projects they will be listed here. If the token has access to all projects it will be represented as
[*]
- expiresAt date-time nullable
The token's expiration date. NULL if the token doesn't have an expiration set.
- createdAt date-time required
When the token was created.
- seenAt date-time nullable
When the token was last seen/used to authenticate with. NULL if the token has not yet been used for authentication.
- alias string nullable
Alias is no longer in active use and will often be NULL. It's kept around as a way of allowing old proxy tokens created with the old metadata format to keep working.
{
"secret": "project:environment.xyzrandomstring",
"tokenName": "some-user",
"type": "client",
"environment": "development",
"project": "developerexperience",
"projects": [
"developerexperience",
"enterprisegrowth"
],
"expiresAt": "2023-04-19T08:15:14.000Z",
"createdAt": "2023-04-19T08:15:14.000Z",
"seenAt": "2023-04-19T08:15:14.000Z",
"alias": "randomid-or-some-alias"
}
Authorization information is missing or invalid. Provide a valid API token as the authorization
header, e.g. authorization:*.*.my-admin-token
.
- application/json
- Schema
- Example (from schema)
Schema
- id string
The ID of the error instance
- name string
The name of the error kind
- message string
A description of what went wrong.
{
"id": "9c40958a-daac-400e-98fb-3bb438567008",
"name": "AuthenticationRequired",
"message": "You must log in to use Unleash. Your request had no authorization header, so we could not authorize you. Try logging in at /auth/simple/login."
}
The provided user credentials are valid, but the user does not have the necessary permissions to perform this operation
- application/json
- Schema
- Example (from schema)
Schema
- id string
The ID of the error instance
- name string
The name of the error kind
- message string
A description of what went wrong.
{
"id": "9c40958a-daac-400e-98fb-3bb438567008",
"name": "NoAccessError",
"message": "You need the \"UPDATE_ADDON\" permission to perform this action in the \"development\" environment."
}
The operation does not support request payloads of the provided type. Please ensure that you're using one of the listed payload types and that you have specified the right content type in the "content-type" header.
- application/json
- Schema
- Example (from schema)
Schema
- id string
The ID of the error instance
- name string
The name of the error kind
- message string
A description of what went wrong.
{
"id": "9c40958a-daac-400e-98fb-3bb438567008",
"name": "ContentTypeerror",
"message": "We do not accept the content-type you provided (application/xml). Try using one of the content-types we do accept instead (application/json) and make sure the body is in the corresponding format."
}