# Create a User Secret PIN
This endpoint creates a User Secret PIN for a given user. A User Secret PIN is 6 characters long string of numbers and digits. The User Secret PIN is required to generate a User Secret.
A User Secret PIN is valid for 10 minutes, and it can be used only once to generate a User Secret. After a User Secret has been generated, the User Secret PIN is automatically deleted from the system.
In order for a user to perform the "create_user_secret_pin" operation, the "create_user_secret_pin" permission must be included in the list of allowed actions in the statement of the user's role.
|string||path||User UUID of the user for whom a User Secret PIN is generated.|
|timestamp, ||body||Time at which the User Secret expires. Measured in seconds (to three decimal places) that have elapsed since the Unix epoch(opens new window). If the value is |
"validity_ts" parameter is optional and does not need to be included in the request body when creating a User Secret PIN. If it is not included in the request body, its default value (
null) is used.
In our example, user A (user UUID
"fcf998ae-80e0-4eac-b7e8-378db626aefe"), who already has access to the Trusted Twin platform, generates a User Secret PIN for user B (user UUID
"333b4bf7-43b6-4df1-927a-9ddbd7336144"). As user A wants the User Secret to expire on the 16th of March 2022 at 17:00:00 GMT, they set the
The response returns the User Secret PIN
"P700SC" generated by user A for user B (user UUID
"333b4bf7-43b6-4df1-927a-9ddbd7336144"). User B will use this User Secret PIN to generate a User Secret through the create_user_secret endpoint.
# Status codes
Requests to this endpoint result in generic status codes. For a comprehensive list of status codes, please consult the Status codes section.
Was this article helpful?