Skip to main content
POST
/
tokens
Create an API token for your authenticated platform.
curl --request POST \
  --url https://{publicHost}/tokens \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "Operations token",
  "permissions": [
    "VIEW",
    "TRANSACT",
    "MANAGE"
  ]
}
'
{
  "id": "Token:019542f5-b3e7-1d02-0000-000000000001",
  "clientId": "01947d2284054f890000e63bca4810df",
  "clientSecret": "ed0ad25881e234cc28fb2dec0a4fe64e4172",
  "name": "Operations token",
  "permissions": [
    "VIEW",
    "TRANSACT",
    "MANAGE"
  ],
  "createdAt": "2025-07-21T17:32:28Z",
  "updatedAt": "2025-07-21T17:32:28Z"
}

Authorizations

Authorization
string
header
required

Integration-key Basic Auth (clientId:clientSecret) as documented in docs/public/AUTHENTICATION.md.

Body

application/json
name
string
required

Human-readable token name shown when the token is listed or reviewed later.

permissions
string[]
required

Permission labels to attach to the token. VIEW reads platform configuration, customers, tokens, and transactions, TRANSACT creates quotes, executes payments, and runs transfer actions, and MANAGE updates platform configuration, API tokens, and customer records.

Minimum array length: 1

Response

API token created. Client secret returned only on create.

id
string
required

Stable API-token identifier.

clientId
string
required

Client identifier used for Basic Auth.

clientSecret
string
required

Client secret shown once at token creation time. It is not re-readable later.

name
string
required

Human-readable token name.

permissions
string[]
required

Permissions granted to this token. VIEW reads platform configuration, customers, tokens, and transactions, TRANSACT creates quotes, executes payments, and runs transfer actions, and MANAGE updates platform configuration, API tokens, and customer records.

createdAt
string<date-time>
required

Token creation timestamp.

updatedAt
string<date-time>
required

Most recent token update timestamp.