Client Tokens
Client Tokens are short lived authentication tokens which can be generated by an integrated application and passed to frontend applications in order to enable front end applications to communicate directly with the OpenTransact API. Client Tokens are tied to an “Owner”, for example a Profile in the system and may only be used to make API calls for other items related to that Owner.
Even though Client Tokens do not currently have any required attributes on input, the client must pass an empty attributes object as shown in the examples below.
Data Types
ClientTokenResponse
Key | Value |
---|---|
type | client-tokens |
id | UUID |
Attributes | |
token | String |
metadata | String |
created-at | Timestamp |
updated-at | Timestamp |
Relationships | |
owner | ApplicationRelationship |
subject | ProfileRelationship |
roles | array of RoleRelationship |
ClientTokenResponse Example
{
"data": {
"type": "client-tokens",
"id": "4c72784e-fb2a-4858-8067-95b6e36d54c0",
"attributes": {
"token": "xgQQXg3hrtjh7AvZ...",
"metadata": "{}",
"created-at": "2024-05-01T00:00:00Z",
"updated-at": "2024-05-01T00:00:00Z"
},
"relationships": {
"owner": {
"data": {
"type": "applications",
"id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
}
},
"subject": {
"data": {
"type": "profiles",
"id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
}
}
}
}
}
ClientTokenRequest
Key | Value | |
---|---|---|
type | client-tokens | |
metadata | String | |
Relationships | ||
subject | ProfileRelationship | Required |
roles | Array of RoleRelationship | Required |
ClientTokenRequest Example
{
"data": {
"type": "client-tokens",
"attributes": {
},
"relationships": {
"subject": {
"data": {
"type": "profiles",
"id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
}
},
"roles": {
"data": [
{
"type": "roles",
"id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
}
]
}
}
}
}
POST/v1/client-tokens
Create a Client Token
This endpoint allows you to create a new Client Token.
This endpoint accepts a ClientTokenRequest object and returns a ClientTokenResponse object.
Request
POST
/v1/client-tokens curl --request POST \
--url https://api.opentransact.com/v1/client-tokens \
--header 'Authorization: Basic {API_KEY}' \
--header 'Content-Type: application/vnd.api+json' \
--data '{
"data":{
"type": "client-tokens",
"attributes": {
},
"relationships": {
"roles": {
"data": [{ "type": "roles", "id":"{ROLE_ID}"}]
},
"subject": {
"data": {
"type": "profiles",
"id": "{PROFILE_ID}"
}
}
}
}
}'
Response
{
"data": {
"type": "client-tokens",
"id": "4c72784e-fb2a-4858-8067-95b6e36d54c0",
"attributes": {
"token": "xgQQXg3hrtjh7AvZ...",
"metadata": "{}",
"created-at": "2024-05-01T00:00:00Z",
"updated-at": "2024-05-01T00:00:00Z"
},
"relationships": {
"owner": {
"data": {
"type": "applications",
"id": "{APPLICATION_ID}"
}
},
"subject": {
"data": {
"type": "profiles",
"id": "{PROFILE_ID}"
}
},
"roles": {
"data": [
{
"type": "roles",
"id": "{ROLE_ID}"
}
]
}
}
}
}