Create access token
This API endpoint creates an access token that has a specified access to a specified set of paths. These tokens can be used as an alternative form of authentication when login tokens cannot be used practically or safely. Use security best practices when handling tokens, such as only granting the minimally required access and deleting the access token that are used or compromised.
These token can be used in the authorization header of API requests as a bearer token.
Description | Request to create an access token. |
Endpoint |
|
Method | POST |
Access Level Rules
Minimum Access Level | Equal to the access level of the created token |
Processing Units
Processing units | 0 |
Parameters
| Name | Description | Required | Default |
|---|---|---|---|
| Array of JSONs, each of which contain the properties "pathId" and "access". "pathId" is the id of the path that the token can access and "access" is a JSON with an "accessTier" property describing what actions the token can perform on the path. "accessTier" must be one of view, view+, share, edit, edit+ or admin. If the path is of type raster or vector you can also define an addition "geoFence" JSON property in the "access" JSON, with properties "tiles" and "maxZoom". 'tiles' an array of JSONs with properties "tileX", "tileY" and "zoom" as integers describing the geographic tiles the access token can access and "maxZoom" is an integer describing the maximum zoom level the access token can access. | true | |
| A string containing a description of the access token. | true | |
| The lifetime of the token in seconds. | false | The access token does not expire if the validFor argument is omitted (note that this comes with additional security risks). |
| The scope of the token describing what kind of actions can be performed with the access token. Can be one of "all" for unrestricted actions or "ogc" to only allow actions belonging to an OGC protocols. | false | Default 'all'. |
Last updated