Client Tokens

Client Tokens are short lived authentication tokens which can be generated by an integrated application and passed to frontend applications in order to enable front end applications to communicate directly with the OpenTransact API. Client Tokens are tied to an “Owner”, for example a Profile in the system and may only be used to make API calls for other items related to that Owner.

Even though Client Tokens do not currently have any required attributes on input, the client must pass an empty attributes object as shown in the examples below.

Data Types

ClientTokenResponse

KeyValue
typeclient-tokens
idUUID
Attributes
tokenString
metadataString
created-atTimestamp
updated-atTimestamp
Relationships
ownerApplicationRelationship
subjectProfileRelationship
rolesarray of RoleRelationship

ClientTokenResponse Example

{
  "data": {
    "type": "client-tokens",
    "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0",
    "attributes": {
      "token": "xgQQXg3hrtjh7AvZ...",
      "metadata": "{}",
      "created-at": "2024-05-01T00:00:00Z",
      "updated-at": "2024-05-01T00:00:00Z"
    },
    "relationships": {
      "owner": {
        "data": {
          "type": "applications",
          "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
        }
      },
      "subject": {
        "data": {
          "type": "profiles",
          "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
        }
      }
    }
  }
}

ClientTokenRequest

KeyValue
typeclient-tokens
metadataString
Relationships
subjectProfileRelationship
Required
rolesArray of RoleRelationship
Required

ClientTokenRequest Example

{
  "data": {
    "type": "client-tokens",
    "attributes": {
    },
    "relationships": {
      "subject": {
        "data": {
          "type": "profiles",
          "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
        }
      },
      "roles": {
        "data": [
          { 
            "type": "roles",
            "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0"
          }
        ]
      }
    }
  }
}
POST/v1/client-tokens

Create a Client Token

This endpoint allows you to create a new Client Token.

This endpoint accepts a ClientTokenRequest object and returns a ClientTokenResponse object.

Request

POST
/v1/client-tokens
    curl --request POST \
      --url https://api.opentransact.com/v1/client-tokens \
      --header 'Authorization: Basic {API_KEY}' \
      --header 'Content-Type: application/vnd.api+json' \
      --data '{
                "data":{
                  "type": "client-tokens",
                  "attributes": {
                  },
                  "relationships": {
                    "roles": {
                      "data": [{ "type": "roles", "id":"{ROLE_ID}"}]
                    },
                    "subject": {
                      "data": {
                        "type": "profiles",
                        "id": "{PROFILE_ID}"
                      }
                    }
                  }
                }
              }'

Response

{
  "data": {
    "type": "client-tokens",
    "id": "4c72784e-fb2a-4858-8067-95b6e36d54c0",
    "attributes": {
      "token": "xgQQXg3hrtjh7AvZ...",
      "metadata": "{}",
      "created-at": "2024-05-01T00:00:00Z",
      "updated-at": "2024-05-01T00:00:00Z"
    },
    "relationships": {
      "owner": {
        "data": {
          "type": "applications",
          "id": "{APPLICATION_ID}"
        }
      },
      "subject": {
        "data": {
          "type": "profiles",
          "id": "{PROFILE_ID}"
        }
      },
      "roles": {
        "data": [
          { 
            "type": "roles",
            "id": "{ROLE_ID}"
          }
        ]
      }
    }
  }
}

Was this page helpful?