# Create a project API token. POST https://app.unleash-instance.example.com/api/admin/projects/{projectId}/api-tokens Content-Type: application/json Endpoint that allows creation of [project API tokens](https://docs.getunleash.io/concepts/api-tokens-and-client-keys#api-token-visibility) for the specified project. Reference: https://docs.getunleash.io/api/create-project-api-token ## OpenAPI Specification ```yaml openapi: 3.1.1 info: title: Create a project API token. version: endpoint_projects.createProjectApiToken paths: /api/admin/projects/{projectId}/api-tokens: post: operationId: create-project-api-token summary: Create a project API token. description: >- Endpoint that allows creation of [project API tokens](https://docs.getunleash.io/concepts/api-tokens-and-client-keys#api-token-visibility) for the specified project. tags: - - subpackage_projects parameters: - name: projectId in: path required: true schema: type: string - name: Authorization in: header description: Header authentication of the form `undefined ` required: true schema: type: string responses: '201': description: The resource was successfully created. content: application/json: schema: $ref: '#/components/schemas/apiTokenSchema' '400': description: The request data does not match what we expect. content: {} '401': description: >- Authorization information is missing or invalid. Provide a valid API token as the `authorization` header, e.g. `authorization:*.*.my-admin-token`. content: {} '403': description: >- The provided user credentials are valid, but the user does not have the necessary permissions to perform this operation content: {} '404': description: The requested resource was not found. content: {} requestBody: description: createProjectApiTokenSchema content: application/json: schema: $ref: '#/components/schemas/createProjectApiTokenSchema' components: schemas: createProjectApiTokenSchema: type: object properties: type: type: string description: >- A client or frontend token. Must be one of the strings "client" (deprecated), "backend" (preferred over "client") or "frontend" (not case sensitive). environment: type: string default: default description: >- The environment that the token should be valid for. Defaults to "default". expiresAt: type: string format: date-time description: >- The date and time when the token should expire. The date should be in ISO 8601 format. tokenName: type: string description: A unique name for this particular token required: - type - tokenName ApiTokenSchemaType: type: string enum: - value: client - value: admin - value: frontend - value: backend apiTokenSchema: type: object properties: secret: type: string description: The token used for authentication. tokenName: type: string description: A unique name for this particular token type: $ref: '#/components/schemas/ApiTokenSchemaType' description: The type of API token environment: type: string default: development description: The environment the token has access to. project: type: string description: The project this token belongs to. projects: type: array items: type: string description: >- The list of projects this token has access to. If the token has access to specific projects they will be listed here. If the token has access to all projects it will be represented as `[*]` expiresAt: type: - string - 'null' format: date-time description: >- The token's expiration date. NULL if the token doesn't have an expiration set. createdAt: type: string format: date-time description: When the token was created. seenAt: type: - string - 'null' format: date-time description: >- When the token was last seen/used to authenticate with. NULL if the token has not yet been used for authentication. alias: type: - string - 'null' description: >- Alias is no longer in active use and will often be NULL. It's kept around as a way of allowing old proxy tokens created with the old metadata format to keep working. required: - secret - tokenName - type - projects - createdAt ``` ## SDK Code Examples ```python import requests url = "https://app.unleash-instance.example.com/api/admin/projects/projectId/api-tokens" payload = { "type": "frontend", "tokenName": "some-user" } headers = { "Authorization": "", "Content-Type": "application/json" } response = requests.post(url, json=payload, headers=headers) print(response.json()) ``` ```javascript const url = 'https://app.unleash-instance.example.com/api/admin/projects/projectId/api-tokens'; const options = { method: 'POST', headers: {Authorization: '', 'Content-Type': 'application/json'}, body: '{"type":"frontend","tokenName":"some-user"}' }; try { const response = await fetch(url, options); const data = await response.json(); console.log(data); } catch (error) { console.error(error); } ``` ```go package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "https://app.unleash-instance.example.com/api/admin/projects/projectId/api-tokens" payload := strings.NewReader("{\n \"type\": \"frontend\",\n \"tokenName\": \"some-user\"\n}") req, _ := http.NewRequest("POST", url, payload) req.Header.Add("Authorization", "") req.Header.Add("Content-Type", "application/json") res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := io.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` ```ruby require 'uri' require 'net/http' url = URI("https://app.unleash-instance.example.com/api/admin/projects/projectId/api-tokens") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true request = Net::HTTP::Post.new(url) request["Authorization"] = '' request["Content-Type"] = 'application/json' request.body = "{\n \"type\": \"frontend\",\n \"tokenName\": \"some-user\"\n}" response = http.request(request) puts response.read_body ``` ```java import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.Unirest; HttpResponse response = Unirest.post("https://app.unleash-instance.example.com/api/admin/projects/projectId/api-tokens") .header("Authorization", "") .header("Content-Type", "application/json") .body("{\n \"type\": \"frontend\",\n \"tokenName\": \"some-user\"\n}") .asString(); ``` ```php request('POST', 'https://app.unleash-instance.example.com/api/admin/projects/projectId/api-tokens', [ 'body' => '{ "type": "frontend", "tokenName": "some-user" }', 'headers' => [ 'Authorization' => '', 'Content-Type' => 'application/json', ], ]); echo $response->getBody(); ``` ```csharp using RestSharp; var client = new RestClient("https://app.unleash-instance.example.com/api/admin/projects/projectId/api-tokens"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", ""); request.AddHeader("Content-Type", "application/json"); request.AddParameter("application/json", "{\n \"type\": \"frontend\",\n \"tokenName\": \"some-user\"\n}", ParameterType.RequestBody); IRestResponse response = client.Execute(request); ``` ```swift import Foundation let headers = [ "Authorization": "", "Content-Type": "application/json" ] let parameters = [ "type": "frontend", "tokenName": "some-user" ] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://app.unleash-instance.example.com/api/admin/projects/projectId/api-tokens")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error as Any) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume() ```