Core
API v2.x
2

createToken #

Available since 2.20.0

Creates a token for the currently loggued user.

It is not possible to create token that does not expire to prevent memory leaks. For this you should use auth:createApiKey instead.


Query Syntax #

HTTP #

Copied to clipboard!
URL: http://kuzzle:7512/_createToken[&expiresIn=900][&singleUse]
Method: POST
Body:
Copied to clipboard!
{
}

Other protocols #

Copied to clipboard!
{
  "controller": "auth",
  "action": "createToken",


  // optional arguments
  "singleUse": true,
  "expiresIn": 900
}

Arguments #

Optional #

  • expiresIn: set the expiration duration (-1 by default)
    • if a raw number is provided (not enclosed between quotes), then the expiration delay is in milliseconds. Example: 86400000
    • if this value is a string, then its content is parsed by the ms library. Examples: "6d", "10h"
  • singleUse: if set to true, then the token can be used only once

Body properties #


Response #

Returns an object containing the token:

  • expiresAt: expiration date in UNIX micro-timestamp format
  • ttl: original ttl
  • token: authentication token associated with this API key
  • singleUse: true if single use token
Copied to clipboard!
{
  "status": 200,
  "error": null,
  "controller": "auth",
  "action": "createToken",
  "requestId": "<unique request identifier>",
  "result": {
    "expiresAt": -1,
    "ttl": -1,
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiJNeSIsImlhdCI6MTU3MzE4NTkzNSwiZXhwIjoxNTczMTg1OTM0fQ.08qAnSD03V0N1OcviGVUAZEjjv4DxULTgoQQwojn1PA",
    "singleUse": true,
  }
}