Skip to main content
POST
Create a group token

Authorizations

__lc_cid
string
cookie
required

Path Parameters

organization_id
string<uuid>
required

Unique organization identifier.

group_id
string<uuid>
required

Unique group identifier.

Body

application/json
grant_type
enum<string>
required

The grant type.

  • agent_token — for backend integrations that manage customer identities using an agent token.
  • cookie — for frontend apps that use browser cookies to identify customers.
  • identity_token — for exchanging an identity transfer token for a customer access token.
Available options:
agent_token,
cookie,
identity_token
client_id
string<hex>
required

The client ID for which the token is being issued.

redirect_uri
string<url>

The redirect URI. Can be used only for grant_type=cookie. If not provided, the value of the Origin header is used.

license_id
integer<uint64>

The license ID for which the token is being issued. Required only if grant_type=cookie.

entity_id
string<uuid>

The entity ID for which the token is being issued. The entity (customer) must already exist. Can be used only for grant_type=agent_token.

expires_in
integer<uint64>

The access token lifetime, in seconds.

code
string

An identity transfer token. Can be used only for grant_type=identity_token.

code_verifier
string

A code verifier, as in the OAuth2 PKCE flow. Can be used only for grant_type=identity_token.

Response

OK: Returns token details.

OAuth 2 Bearer token

access_token
string

The access token value.

client_id
string<hex>

The client ID for which the token was issued.

entity_id
string<uuid>

The entity ID for which the token was issued.

expires_in
integer<uint64>

The access token lifetime, in seconds.

token_type
string

The access token type.