Deprecated. Will be removed in a future release. Please use /token/sign instead. Returns a signed, non-expiring legacy access token.
X-Okapi-Tenant required | string Okapi Tenant |
X-Okapi-Url required | string Okapi URL |
required | object The payload of the token signing request | ||||
|
{- "payload": {
- "sub": "string"
}
}
{- "token": "string"
}
Returns a signed, expiring refresh token. This is a legacy endpoint and should not be called by new code and will soon be fully depreciated.
X-Okapi-Tenant required | string Okapi Tenant |
X-Okapi-Url required | string Okapi URL |
userId required | string <uuid> The user id of the request |
sub required | string The subject (user id) of the request |
{- "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b",
- "sub": "string"
}
{- "token": "string"
}
Returns a signed, expiring access token and refresh token. Also returns the expiration of each token in the body of the response. The access token time to live is 10 minutes and the refresh token is one week.
X-Okapi-Tenant required | string Okapi Tenant |
X-Okapi-Url required | string Okapi URL |
required | object The payload of the token signing request | ||||
|
{- "payload": {
- "sub": "string"
}
}
{- "token": "string",
- "refreshToken": "string",
- "accessToken": "string"
}
Returns a new refresh token and a new access token. Also returns the expiration of each token in the body of the response. Time to live is 10 minutes for the access token and one week for the refresh token.
X-Okapi-Tenant required | string Okapi Tenant |
X-Okapi-Url required | string Okapi URL |
refreshToken required | string The JWE refresh token |
{- "refreshToken": "string"
}
{- "token": "string",
- "refreshToken": "string",
- "accessToken": "string"
}
Invalidate a single refresh token. An access token cannot be invalidated and remains valid until its expiration time; this is by design because the access token is stateless.
X-Okapi-Tenant required | string Okapi Tenant |
X-Okapi-Url required | string Okapi URL |
refreshToken required | string The JWE refresh token |
{- "refreshToken": "string"
}
Invalidate all refresh tokens for a user. An access token cannot be invalidated and remains valid until its expiration time; this is by design because the access token is stateless.
X-Okapi-Tenant required | string Okapi Tenant |
X-Okapi-Url required | string Okapi URL |