# Create API token POST https://app.unleash-instance.example.com/api/admin/api-tokens Content-Type: application/json Create an API token of a specific type: one of client, admin, frontend, backend. Reference: https://docs.getunleash.io/api/create-api-token ## OpenAPI Specification ```yaml openapi: 3.1.1 info: title: Create API token version: endpoint_apiTokens.createApiToken paths: /api/admin/api-tokens: post: operationId: create-api-token summary: Create API token description: >- Create an API token of a specific type: one of client, admin, frontend, backend. tags: - - subpackage_apiTokens parameters: - name: Authorization in: header description: Header authentication of the form `undefined ` required: true schema: type: string responses: '201': description: The resource was successfully created. content: application/json: schema: $ref: '#/components/schemas/apiTokenSchema' '401': description: >- Authorization information is missing or invalid. Provide a valid API token as the `authorization` header, e.g. `authorization:*.*.my-admin-token`. content: {} '403': description: >- The provided user credentials are valid, but the user does not have the necessary permissions to perform this operation content: {} '415': description: >- The operation does not support request payloads of the provided type. Please ensure that you're using one of the listed payload types and that you have specified the right content type in the "content-type" header. content: {} requestBody: description: createApiTokenSchema content: application/json: schema: $ref: '#/components/schemas/createApiTokenSchema' components: schemas: CreateApiTokenSchema0: type: object properties: expiresAt: type: string format: date-time description: The time when this token should expire. type: type: string description: >- A client or frontend token. Must be one of the strings "client" (deprecated), "backend" (preferred over "client") or "frontend" (not case sensitive). environment: type: string description: >- The environment that the token should be valid for. Defaults to "default" project: type: string description: >- The project that the token should be valid for. Defaults to "*" meaning every project. This property is mutually incompatible with the `projects` property. If you specify one, you cannot specify the other. projects: type: array items: type: string description: >- A list of projects that the token should be valid for. This property is mutually incompatible with the `project` property. If you specify one, you cannot specify the other. tokenName: type: string description: The name of the token. required: - type - tokenName createApiTokenSchema: oneOf: - $ref: '#/components/schemas/CreateApiTokenSchema0' ApiTokenSchemaType: type: string enum: - value: client - value: admin - value: frontend - value: backend apiTokenSchema: type: object properties: secret: type: string description: The token used for authentication. tokenName: type: string description: A unique name for this particular token type: $ref: '#/components/schemas/ApiTokenSchemaType' description: The type of API token environment: type: string default: development description: The environment the token has access to. project: type: string description: The project this token belongs to. projects: type: array items: type: string description: >- The list of projects this token has access to. If the token has access to specific projects they will be listed here. If the token has access to all projects it will be represented as `[*]` expiresAt: type: - string - 'null' format: date-time description: >- The token's expiration date. NULL if the token doesn't have an expiration set. createdAt: type: string format: date-time description: When the token was created. seenAt: type: - string - 'null' format: date-time description: >- When the token was last seen/used to authenticate with. NULL if the token has not yet been used for authentication. alias: type: - string - 'null' description: >- Alias is no longer in active use and will often be NULL. It's kept around as a way of allowing old proxy tokens created with the old metadata format to keep working. required: - secret - tokenName - type - projects - createdAt ``` ## SDK Code Examples ```python import requests url = "https://app.unleash-instance.example.com/api/admin/api-tokens" payload = { "type": "frontend", "tokenName": "token-64522" } headers = { "Authorization": "", "Content-Type": "application/json" } response = requests.post(url, json=payload, headers=headers) print(response.json()) ``` ```javascript const url = 'https://app.unleash-instance.example.com/api/admin/api-tokens'; const options = { method: 'POST', headers: {Authorization: '', 'Content-Type': 'application/json'}, body: '{"type":"frontend","tokenName":"token-64522"}' }; try { const response = await fetch(url, options); const data = await response.json(); console.log(data); } catch (error) { console.error(error); } ``` ```go package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "https://app.unleash-instance.example.com/api/admin/api-tokens" payload := strings.NewReader("{\n \"type\": \"frontend\",\n \"tokenName\": \"token-64522\"\n}") req, _ := http.NewRequest("POST", url, payload) req.Header.Add("Authorization", "") req.Header.Add("Content-Type", "application/json") res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := io.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` ```ruby require 'uri' require 'net/http' url = URI("https://app.unleash-instance.example.com/api/admin/api-tokens") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true request = Net::HTTP::Post.new(url) request["Authorization"] = '' request["Content-Type"] = 'application/json' request.body = "{\n \"type\": \"frontend\",\n \"tokenName\": \"token-64522\"\n}" response = http.request(request) puts response.read_body ``` ```java import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.Unirest; HttpResponse response = Unirest.post("https://app.unleash-instance.example.com/api/admin/api-tokens") .header("Authorization", "") .header("Content-Type", "application/json") .body("{\n \"type\": \"frontend\",\n \"tokenName\": \"token-64522\"\n}") .asString(); ``` ```php request('POST', 'https://app.unleash-instance.example.com/api/admin/api-tokens', [ 'body' => '{ "type": "frontend", "tokenName": "token-64522" }', 'headers' => [ 'Authorization' => '', 'Content-Type' => 'application/json', ], ]); echo $response->getBody(); ``` ```csharp using RestSharp; var client = new RestClient("https://app.unleash-instance.example.com/api/admin/api-tokens"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", ""); request.AddHeader("Content-Type", "application/json"); request.AddParameter("application/json", "{\n \"type\": \"frontend\",\n \"tokenName\": \"token-64522\"\n}", ParameterType.RequestBody); IRestResponse response = client.Execute(request); ``` ```swift import Foundation let headers = [ "Authorization": "", "Content-Type": "application/json" ] let parameters = [ "type": "frontend", "tokenName": "token-64522" ] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://app.unleash-instance.example.com/api/admin/api-tokens")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error as Any) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume() ```