post-accounts-USERNAME-token.rst (1506B)
1 .. http:post:: /accounts/$USERNAME/token 2 3 Create an authentification token. 4 5 **Request:** 6 7 .. ts:def:: TokenRequest 8 9 interface TokenRequest { 10 // Scope for the token. 11 scope: "readonly" | "readwrite" | "revenue" | "wiregateway" | "observability"; 12 13 // Custom token validity duration 14 duration?: RelativeTime; 15 16 // Is the token refreshable into a new token during its 17 // validity? 18 // Refreshable tokens effectively provide indefinite 19 // access if they are refreshed in time. 20 refreshable?: boolean; 21 22 // Optional token description 23 // @since **v4** 24 description?: string; 25 } 26 27 **Response:** 28 29 :http:statuscode:`200 Ok`: 30 Response is a `TokenSuccessResponse`. 31 :http:statuscode:`202 Accepted`: 32 2FA is required for this operation. This returns the `ChallengeResponse` response. @since **v10** 33 :http:statuscode:`401 Unauthorized`: 34 Invalid or missing credentials. 35 :http:statuscode:`403 Forbidden`: 36 * ``TALER_EC_GENERIC_FORBIDDEN``: missing rights. 37 * ``TALER_EC_BANK_ACCOUNT_LOCKED``: account is locked and cannot create new token using its password. 38 39 **Details:** 40 41 .. ts:def:: TokenSuccessResponse 42 43 interface TokenSuccessResponse { 44 // Expiration determined by the server. 45 // Can be based on the token_duration 46 // from the request, but ultimately the 47 // server decides the expiration. 48 expiration: Timestamp; 49 50 // Opque access token. 51 access_token: string; 52 }