Documentation Index
Fetch the complete documentation index at: https://docs.apinizer.com/llms.txt
Use this file to discover all available pages before exploring further.
Endpoint
PUT /apiops/projects/{projectName}/credentials/{username}/token/
Authentication
Requires a Personal API Access Token.
Authorization: Bearer YOUR_TOKEN
Request
| Header | Value | Required |
|---|
| Authorization | Bearer | Yes |
| Content-Type | application/json | Yes |
Path Parameters
| Parameter | Type | Required | Description |
|---|
| projectName | string | Yes | Project name |
| username | string | Yes | Username of the credential |
Request Body
Full JSON Body Example - Basic Token Settings
{
"grantType": "PASSWORD",
"tokenNeverExpires": false,
"tokenExpiresInAmount": 3600,
"tokenExpiresInUnit": "SECONDS",
"refreshTokenAllowed": true,
"refreshTokenCount": 1,
"refreshTokenExpiresInAmount": 7200,
"refreshTokenExpiresInUnit": "SECONDS",
"allowUrlParameters": false,
"jwtSignatureAlgorithm": "RS256",
"deletePrevious": false
}
Full JSON Body Example - Token Never Expires
{
"grantType": "CLIENT_CREDENTIALS",
"tokenNeverExpires": true,
"refreshTokenAllowed": false,
"allowUrlParameters": true,
"jwtSignatureAlgorithm": "HS256"
}
Request Body Fields
| Field | Type | Required | Default | Description |
|---|
| grantType | string | No | - | Grant type for authentication. Values: PASSWORD, CLIENT_CREDENTIALS, AUTHORIZATION_CODE, IMPLICIT, REFRESH_TOKEN |
| tokenNeverExpires | boolean | No | - | Whether token never expires. If true, token expiration settings are ignored |
| tokenExpiresInAmount | long | No | - | Token expiration amount. Minimum value: 1. Required if tokenNeverExpires is false |
| tokenExpiresInUnit | string | No | - | Token expiration unit. Values: SECONDS, MINUTES, HOURS, DAYS, WEEKS, MONTHS, YEARS |
| refreshTokenAllowed | boolean | No | - | Whether refresh token is allowed |
| refreshTokenCount | integer | No | - | Maximum number of refresh tokens. Minimum value: 1. Required if refreshTokenAllowed is true |
| refreshTokenExpiresInAmount | long | No | - | Refresh token expiration amount. Minimum value: 1. Required if refreshTokenAllowed is true |
| refreshTokenExpiresInUnit | string | No | - | Refresh token expiration unit. Values: SECOND, MINUTE, HOUR, DAY, WEEK, MONTH, YEAR |
| allowUrlParameters | boolean | No | - | Whether URL parameters are allowed in token requests |
| jwtSignatureAlgorithm | string | No | - | JWT signature algorithm. Common values: RS256, HS256, ES256, etc. |
| deletePrevious | boolean | No | - | Whether to delete previous tokens when new token is issued |
Notes
- All fields are optional
- Only provided fields are updated; other fields remain unchanged
- Credential must exist
- Authentication type is automatically set to
SECRET_MANAGER for APIOps token settings
- If
tokenNeverExpires is true, tokenExpiresInAmount and tokenExpiresInUnit are ignored
- If
refreshTokenAllowed is false, refresh token related fields are ignored
tokenExpiresInAmount and refreshTokenExpiresInAmount must be at least 1refreshTokenCount must be at least 1
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"message": "Deployment completed successfully",
"environmentResults": [
{
"environmentName": "production",
"success": true,
"message": "Deployed successfully"
},
{
"environmentName": "staging",
"success": true,
"message": "Deployed successfully"
}
]
}
}
Error Response (400 Bad Request)
{
"error": "bad_request",
"error_description": "Credential (username: api-user) was not found!"
}
{
"error": "bad_request",
"error_description": "Token expiration amount must be at least 1"
}
Error Response (401 Unauthorized)
{
"error": "unauthorized_client",
"error_description": "Invalid token"
}
Error Response (404 Not Found)
{
"error": "not_found",
"error_description": "Project(MyProject) was not found or user does not have privilege to access it!"
}
cURL Example
Example 1: Set Basic Token Settings
curl -X PUT \
"https://demo.apinizer.com/apiops/projects/MyProject/credentials/api-user/token/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"grantType": "PASSWORD",
"tokenNeverExpires": false,
"tokenExpiresInAmount": 3600,
"tokenExpiresInUnit": "SECOND",
"refreshTokenAllowed": true,
"refreshTokenCount": 1,
"refreshTokenExpiresInAmount": 7200,
"refreshTokenExpiresInUnit": "SECOND",
"allowUrlParameters": false,
"jwtSignatureAlgorithm": "RS256",
"deletePrevious": false
}'
Example 2: Set Token Never Expires
curl -X PUT \
"https://demo.apinizer.com/apiops/projects/MyProject/credentials/api-user/token/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"grantType": "CLIENT_CREDENTIALS",
"tokenNeverExpires": true,
"refreshTokenAllowed": false,
"allowUrlParameters": true,
"jwtSignatureAlgorithm": "HS256"
}'
Notes and Warnings
-
Partial Updates:
- Only provided fields are updated
- Fields not included in the request remain unchanged
- Use reset endpoint to restore all defaults
-
Authentication Type:
- Authentication type is automatically set to
SECRET_MANAGER for APIOps token settings
- This cannot be changed via this endpoint
-
Token Expiration:
- If
tokenNeverExpires is true, token never expires regardless of expiration settings
- If
tokenNeverExpires is false, tokenExpiresInAmount and tokenExpiresInUnit must be provided
-
Refresh Token Settings:
- If
refreshTokenAllowed is true, refresh token count and expiration must be provided
- Refresh token count must be at least 1
- Refresh token expiration amount must be at least 1
-
Grant Types:
- Supported grant types:
PASSWORD, CLIENT_CREDENTIALS, AUTHORIZATION_CODE, IMPLICIT, REFRESH_TOKEN
- Grant type determines the OAuth2/OIDC flow used
-
JWT Signature Algorithm:
- Common algorithms:
RS256, HS256, ES256, PS256
- Algorithm must match the key type used
-
Automatic Deployment:
- Credential is automatically deployed to all environments after token settings update
- Deployment results are returned in the response
Permissions
- User must have
IDENTITY + MANAGE permission in the project
- For automatic deployment, user must also have
IDENTITY + DEPLOY_UNDEPLOY permission
