Creates and returns a new authentication token for the currently authenticated User. The bearerToken
property is only provided once, in the response body, so be sure to save it on the client for use with API requests.
Optional params
fetch-request
1await fetch("https://api.vercel.com/v3/user/tokens?slug=SOME_STRING_VALUE&teamId=SOME_STRING_VALUE", {2 "body": {3 "name": "SOME_STRING_VALUE",4 "expiresAt": "SOME_NUMBER_VALUE"5 },6 "headers": {7 "Authorization": "Bearer <TOKEN>"8 },9 "method": "post"10})
Query Parameter | Description |
---|---|
slug | string The Team slug to perform the request on behalf of. |
teamId | string The Team identifier to perform the request on behalf of. |
Successful response.
bearerTokenstringRequired The authentication token's actual value. This token is only provided in this response, and can never be retrieved again in the future. Be sure to save it somewhere safe! Example:
uRKJSTt0L4RaSkiMj41QTkxM
tokenRequired
Code | Description |
---|---|
200 | Successful response. |
400 | One of the provided values in the request body is invalid. |
401 | |
403 | You do not have permission to access this resource. |
Optional params
fetch-request
1await fetch("https://api.vercel.com/v3/user/tokens?slug=SOME_STRING_VALUE&teamId=SOME_STRING_VALUE", {2 "body": {3 "name": "SOME_STRING_VALUE",4 "expiresAt": "SOME_NUMBER_VALUE"5 },6 "headers": {7 "Authorization": "Bearer <TOKEN>"8 },9 "method": "post"10})
Invalidate an authentication token, such that it will no longer be valid for future HTTP requests.
Optional params
fetch-request
1await fetch("https://api.vercel.com/v3/user/tokens/5d9f2ebd38ddca62e5d51e9c1704c72530bdc8bfdd41e782a6687c48399e8391", {2 "headers": {3 "Authorization": "Bearer <TOKEN>"4 },5 "method": "delete"6})
Path Parameter | Description |
---|---|
tokenId | string requiredThe identifier of the token to invalidate. The special value "current" may be supplied, which invalidates the token that the HTTP request was authenticated with. Example: 5d9f2ebd38ddca62e5d51e9c1704c72530bdc8bfdd41e782a6687c48399e8391 |
Authentication token successfully deleted.
tokenIdstringRequired The unique identifier of the token that was deleted. Example:
5d9f2ebd38ddca62e5d51e9c1704c72530bdc8bfdd41e782a6687c48399e8391
Code | Description |
---|---|
200 | Authentication token successfully deleted. |
400 | One of the provided values in the request query is invalid. |
401 | |
403 | You do not have permission to access this resource. |
404 | Token not found with the requested tokenId . |
Optional params
fetch-request
1await fetch("https://api.vercel.com/v3/user/tokens/5d9f2ebd38ddca62e5d51e9c1704c72530bdc8bfdd41e782a6687c48399e8391", {2 "headers": {3 "Authorization": "Bearer <TOKEN>"4 },5 "method": "delete"6})
During the autorization process, Vercel sends the user to the provider redirectLoginUrl, that includes the OAuth authorization code
parameter. The provider then calls the SSO Token Exchange endpoint with the sent code and receives the OIDC token. They log the user in based on this token and redirects the user back to the Vercel account using deep-link parameters included the redirectLoginUrl. This is used to verify the identity of the user during the Open in Provider flow. Providers should not persist the returned id_token
in a database since the token will expire.
Optional params
fetch-request
1await fetch("https://api.vercel.com/v1/integrations/sso/token", {2 "body": {3 "client_id": "SOME_STRING_VALUE",4 "client_secret": "SOME_STRING_VALUE",5 "code": "SOME_STRING_VALUE",6 "redirect_uri": "SOME_STRING_VALUE",7 "state": "SOME_STRING_VALUE"8 },9 "headers": {10 "Authorization": "Bearer <TOKEN>"11 },12 "method": "post"13})
Body Parameter | Description |
---|---|
client_id | string requiredThe integration client id |
client_secret | string requiredThe integration client secret |
code | string requiredThe sensitive code received from Vercel |
redirect_uri | string The integration redirect URI |
state | string The state received from the initialization request |
access_tokenRequired id_tokenstringRequired token_typeRequired
Code | Description |
---|---|
200 | |
400 | One of the provided values in the request body is invalid. |
404 | |
500 |
Optional params
fetch-request
1await fetch("https://api.vercel.com/v1/integrations/sso/token", {2 "body": {3 "client_id": "SOME_STRING_VALUE",4 "client_secret": "SOME_STRING_VALUE",5 "code": "SOME_STRING_VALUE",6 "redirect_uri": "SOME_STRING_VALUE",7 "state": "SOME_STRING_VALUE"8 },9 "headers": {10 "Authorization": "Bearer <TOKEN>"11 },12 "method": "post"13})
Retrieve metadata about an authentication token belonging to the currently authenticated User.
Optional params
fetch-request
1await fetch("https://api.vercel.com/v5/user/tokens/5d9f2ebd38ddca62e5d51e9c1704c72530bdc8bfdd41e782a6687c48399e8391", {2 "headers": {3 "Authorization": "Bearer <TOKEN>"4 },5 "method": "get"6})
Path Parameter | Description |
---|---|
tokenId | string requiredThe identifier of the token to retrieve. The special value "current" may be supplied, which returns the metadata for the token that the current HTTP request is authenticated with. Example: 5d9f2ebd38ddca62e5d51e9c1704c72530bdc8bfdd41e782a6687c48399e8391 |
Successful response.
tokenRequired
Code | Description |
---|---|
200 | Successful response. |
400 | One of the provided values in the request query is invalid. |
401 | |
403 | You do not have permission to access this resource. |
404 | Token not found with the requested tokenId . |
Optional params
fetch-request
1await fetch("https://api.vercel.com/v5/user/tokens/5d9f2ebd38ddca62e5d51e9c1704c72530bdc8bfdd41e782a6687c48399e8391", {2 "headers": {3 "Authorization": "Bearer <TOKEN>"4 },5 "method": "get"6})
Retrieve a list of the current User's authentication tokens.
Optional params
fetch-request
1await fetch("https://api.vercel.com/v5/user/tokens", {2 "headers": {3 "Authorization": "Bearer <TOKEN>"4 },5 "method": "get"6})
paginationRequired testingToken tokensarrayRequired
Code | Description |
---|---|
200 | |
400 | |
401 | |
403 | You do not have permission to access this resource. |
Optional params
fetch-request
1await fetch("https://api.vercel.com/v5/user/tokens", {2 "headers": {3 "Authorization": "Bearer <TOKEN>"4 },5 "method": "get"6})
Was this helpful?