# Create User Token
This endpoint generates a User Token with JWT functionality.
The User Token can be generated on the base of a User Secret (API key) or a User Token if the user is using a User Token to authenticate on the Trusted Twin platform and the User Token allows for creating new User Tokens ("options":["create"]).
| Method | Path | Operation* |
|---|---|---|
| POST | /token | create_user_token |
*
In order for a user to be able to create User Tokens using the User Secret authorization, the permission "create_user_token" must be included in the list of allowed actions in the statement of the user's role.
For a user to be able to create a User Tokens using the User Token authorization, the "create" permission must be included in the "options" list of the User Token.
# Request
| Parameter | Type | In | Description |
|---|---|---|---|
| secret_dict optional* | dictionary | body | User-defined key-value pair: - key: It must match the regular expression(opens new window) ^[a-z_][0-9a-z_]{0,63}$.- value: JSON compliant value. |
| options optional** | list of strings, value is "create" or "refresh" | body | Defines whether a new User Token can be created or refreshed by a user authorizing with the User Token. |
| validity_ts optional*** | timestamp, DEFAULT=null | body | Time at which the User Token expires. Measured in seconds (to three decimal places) that have elapsed since the Unix epoch(opens new window). If not provided, the User Token does not expire. |
*
The "secret_dict" parameter is optional and does not need to be included in the request body when creating User Tokens.
**
The "options" parameter is optional and does not need to be included in the request body when creating User Tokens. If it is not included in the request body, the caller who is using the User Token will not be able to create or refresh the User Token.
***
The "validity_ts" parameter is optional and does not need to be included in the request body when creating User Tokens. If it is not included in the request body, its default value (null) is used and the User Token does not expire.
# Response
| Attribute | Type | Description |
|---|---|---|
| token | string | User Token. |
| validity_ts | timestamp | Time at which the User Token expires. Measured in seconds (to three decimal places) that have elapsed since the Unix epoch(opens new window). If the value is null, the User Token does not expire. |
| options | list of strings, value is "create" or "refresh" | Defines whether a new User Token can be created or refreshed with the generated token. |
# Status codes
Requests to this endpoint result in generic status codes. For a comprehensive list of status codes, please consult the Status codes section.
Was this article helpful?