Ana içeriğe atla

Endpoint

PUT /apiops/projects/{projectName}/credentials/{username}/token/

Authentication

Requires a Personal API Access Token. 
Authorization: Bearer YOUR_TOKEN

Request

Headers

HeaderValueRequired
AuthorizationBearer Yes
Content-Typeapplication/jsonYes

Path Parameters

ParameterTypeRequiredDescription
projectNamestringYesProject name
usernamestringYesUsername of the credential

Request Body

Full JSON Body Example - Basic Token Settings

{
  "grantType": "PASSWORD",
  "tokenNeverExpires": false,
  "tokenExpiresInAmount": 3600,
  "tokenExpiresInUnit": "SECONDS",
  "refreshTokenAllowed": true,
  "refreshTokenCount": 1,
  "refreshTokenExpiresInAmount": 7200,
  "refreshTokenExpiresInUnit": "SECONDS",
  "allowUrlParameters": false,
  "jwtSignatureAlgorithm": "RS256",
  "deletePrevious": false
}

Full JSON Body Example - Token Never Expires

{
  "grantType": "CLIENT_CREDENTIALS",
  "tokenNeverExpires": true,
  "refreshTokenAllowed": false,
  "allowUrlParameters": true,
  "jwtSignatureAlgorithm": "HS256"
}

Request Body Fields

FieldTypeRequiredDefaultDescription
grantTypestringNo-Grant type for authentication. Values: PASSWORD, CLIENT_CREDENTIALS, AUTHORIZATION_CODE, IMPLICIT, REFRESH_TOKEN
tokenNeverExpiresbooleanNo-Whether token never expires. If true, token expiration settings are ignored
tokenExpiresInAmountlongNo-Token expiration amount. Minimum value: 1. Required if tokenNeverExpires is false
tokenExpiresInUnitstringNo-Token expiration unit. Values: SECONDS, MINUTES, HOURS, DAYS, WEEKS, MONTHS, YEARS
refreshTokenAllowedbooleanNo-Whether refresh token is allowed
refreshTokenCountintegerNo-Maximum number of refresh tokens. Minimum value: 1. Required if refreshTokenAllowed is true
refreshTokenExpiresInAmountlongNo-Refresh token expiration amount. Minimum value: 1. Required if refreshTokenAllowed is true
refreshTokenExpiresInUnitstringNo-Refresh token expiration unit. Values: SECOND, MINUTE, HOUR, DAY, WEEK, MONTH, YEAR
allowUrlParametersbooleanNo-Whether URL parameters are allowed in token requests
jwtSignatureAlgorithmstringNo-JWT signature algorithm. Common values: RS256, HS256, ES256, etc.
deletePreviousbooleanNo-Whether to delete previous tokens when new token is issued

Notes

  • All fields are optional
  • Only provided fields are updated; other fields remain unchanged
  • Credential must exist
  • Authentication type is automatically set to SECRET_MANAGER for APIOps token settings
  • If tokenNeverExpires is true, tokenExpiresInAmount and tokenExpiresInUnit are ignored
  • If refreshTokenAllowed is false, refresh token related fields are ignored
  • tokenExpiresInAmount and refreshTokenExpiresInAmount must be at least 1
  • refreshTokenCount must be at least 1

Response

Success Response (200 OK)

{
  "success": true,
  "deploymentResult": {
    "success": true,
    "message": "Deployment completed successfully",
    "environmentResults": [
      {
        "environmentName": "production",
        "success": true,
        "message": "Deployed successfully"
      },
      {
        "environmentName": "staging",
        "success": true,
        "message": "Deployed successfully"
      }
    ]
  }
}

Error Response (400 Bad Request)

{
  "error": "bad_request",
  "error_description": "Credential (username: api-user) was not found!"
}
or 
{
  "error": "bad_request",
  "error_description": "Token expiration amount must be at least 1"
}

Error Response (401 Unauthorized)

{
  "error": "unauthorized_client",
  "error_description": "Invalid token"
}

Error Response (404 Not Found)

{
  "error": "not_found",
  "error_description": "Project(MyProject) was not found or user does not have privilege to access it!"
}

cURL Example

Example 1: Set Basic Token Settings

curl -X PUT \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/api-user/token/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "grantType": "PASSWORD",
    "tokenNeverExpires": false,
    "tokenExpiresInAmount": 3600,
    "tokenExpiresInUnit": "SECOND",
    "refreshTokenAllowed": true,
    "refreshTokenCount": 1,
    "refreshTokenExpiresInAmount": 7200,
    "refreshTokenExpiresInUnit": "SECOND",
    "allowUrlParameters": false,
    "jwtSignatureAlgorithm": "RS256",
    "deletePrevious": false
  }'

Example 2: Set Token Never Expires

curl -X PUT \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/api-user/token/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "grantType": "CLIENT_CREDENTIALS",
    "tokenNeverExpires": true,
    "refreshTokenAllowed": false,
    "allowUrlParameters": true,
    "jwtSignatureAlgorithm": "HS256"
  }'

Notes and Warnings

  • Partial Updates:
    • Only provided fields are updated
    • Fields not included in the request remain unchanged
    • Use reset endpoint to restore all defaults
  • Authentication Type:
    • Authentication type is automatically set to SECRET_MANAGER for APIOps token settings
    • This cannot be changed via this endpoint
  • Token Expiration:
    • If tokenNeverExpires is true, token never expires regardless of expiration settings
    • If tokenNeverExpires is false, tokenExpiresInAmount and tokenExpiresInUnit must be provided
  • Refresh Token Settings:
    • If refreshTokenAllowed is true, refresh token count and expiration must be provided
    • Refresh token count must be at least 1
    • Refresh token expiration amount must be at least 1
  • Grant Types:
    • Supported grant types: PASSWORD, CLIENT_CREDENTIALS, AUTHORIZATION_CODE, IMPLICIT, REFRESH_TOKEN
    • Grant type determines the OAuth2/OIDC flow used
  • JWT Signature Algorithm:
    • Common algorithms: RS256, HS256, ES256, PS256
    • Algorithm must match the key type used
  • Automatic Deployment:
    • Credential is automatically deployed to all environments after token settings update
    • Deployment results are returned in the response

Permissions

  • User must have IDENTITY + MANAGE permission in the project
  • For automatic deployment, user must also have IDENTITY + DEPLOY_UNDEPLOY permission