Skip to content
Northwestern Laravel Starter

Create an access token

POST
/api/v1/me/tokens

Authorizations

Section titled “Authorizations ”

Request Body required

Section titled “Request Body required ”
object
name
required

Friendly name for the token so you can identify it later.

string
Example
CI deploy token
expires_at

UTC timestamp (seconds) for when the token should expire. Must be at least 24 hours in the future.

integer format: int64
nullable
Example
1751328000
allowed_ips

Optional allowlist of IPs or CIDR ranges that can use this token.

Array<string>
nullable

Responses

Section titled “ Responses ”

201

Section titled “201 ”

Access token created. The plain bearer token is only returned once.

object
data
required
object
id
required
integer format: int64
Example
23145
name
required
string
Example
CI Deployments
status
required

Operational status of the token, derived from revocation and expiration timestamps.

string
Allowed values: active expired revoked
Example
active
last_used_at

When this token was last used (null if never used).

string format: date-time
nullable
Example
2024-04-11T14:35:05Z
usage_count
required
integer
Example
12
expires_at

When this token expires. Null means the token does not expire.

string format: date-time
nullable
Example
2024-12-31T06:00:00Z
created_at
required
string format: date-time
Example
2024-03-01T18:11:00Z
allowed_ips

Optional list of IPs or CIDR ranges allowed to use this token.

Array<string>
nullable
Example
[
  "10.0.0.0/24",
  "203.0.113.12"
]
meta
required
object
bearer_token
required

The full bearer token. This is only returned once and cannot be retrieved again.

string
Example
YiRqNBToe7EIXAnmtCB3a9gAwHNh0xXZUX3A9zARG5CWKUcDhRn4U9qGcG3q7TwB
message
required
string
Example
Token generated successfully. Store the bearer token immediately; it will not be shown again.
Example
{
  "data": {
    "id": 23145,
    "name": "CI Deployments",
    "status": "active",
    "last_used_at": null,
    "usage_count": 0,
    "expires_at": null,
    "created_at": "2025-03-01T18:11:00Z",
    "allowed_ips": [
      "10.0.0.0/24",
      "203.0.113.12"
    ]
  },
  "meta": {
    "bearer_token": "YiRqNBToe7EIXAnmtCB3a9gAwHNh0xXZUX3A9zARG5CWKUcDhRn4U9qGcG3q7TwB",
    "message": "Token generated successfully. Store the bearer token immediately; it will not be shown again."
  }
}

401

Section titled “401 ”

Missing or invalid bearer token.

Standard RFC 9457 problem details envelope.

object
type
required

RFC 9457 compliant problem details response builder.

string format: uri
Example
about:blank
title
required
string
Example
Unauthorized
status
required
integer
Example
401
detail
string
nullable
Example
Authentication failed
instance
required
string format: uri-reference
Example
/api/v1/me
trace_id

Unique identifier for the API request (if available).

string
nullable
Example
b4f5aa7a-1470-4d92-8d3c-98e7c7de9f5f

422

Section titled “422 ”

Validation failed for the supplied token attributes.

object
type
required

RFC 9457 compliant problem details response builder.

string format: uri
Example
about:blank
title
required
string
Example
Unauthorized
status
required
integer
Example
401
detail
string
nullable
Example
Authentication failed
instance
required
string format: uri-reference
Example
/api/v1/me
trace_id

Unique identifier for the API request (if available).

string
nullable
Example
b4f5aa7a-1470-4d92-8d3c-98e7c7de9f5f
errors

Validation errors keyed by input field.

object
key
additional properties
Array<string>
Example
{
  "name": [
    "The name field is required."
  ],
  "expires_at": [
    "The expires at must be at least 24 hours from now."
  ]
}