Create Token

All APIs require authorization to add context on what is allowed and what should be seen. The scopes requested at the time of creation can always be less than the total amount available to enable you to use the principle of least privelege.

📘

Info

Be sure to go through the developer onboarding and the authorization section for more details on authentication.

Also, its worth noting the token created when you logged in and signed up using the top right, those tokens only last for 4 hours (and sometimes go wonkey). So you may need to log in and out from time to time.

Use the below recipe for a step by step on authentication logic.

⚠️

Don't bother testing on this page.

The server timestamp deviation cannot be more than 5 seconds from epoch, which gives almost no time to generate values and paste them in here.

{
  "client_id": - "get from Authvia Support",
  "client_secret" - "get from Authvia Support"
}
Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…

All APIs require authorization to clarify what is allowed and what should be seen. The scopes requested at the time of creation can always be less than the total amount available to enable you to use the principle of least privilege.

📘

Info

Be sure to go through the developer onboarding and the authorization section for more details on authentication.

Also, it's worth noting the token created when you logged in and signed up using the top right, those tokens only last for 4 hours (and sometimes go wonky). So you may need to log in and out from time to time.

Use the recipe below for a step-by-step on authentication logic.

⚠️

Don't bother testing on this page.

The server timestamp deviation cannot be more than 5 seconds from the epoch, which gives almost no time to generate values and paste them in here.

Body Params

Payload for creating a token

string
required
length between 12 and 36

Provided upon receiving API access; unique ID for your application associated with your Authvia Account.

string
required

The intended audience for the token, always set to api.authvia.com/v3

number
required

UTC time in seconds, must be within 5 seconds of the server's current time (Epoch format).

string
required

HMAC SHA256 encryption of {signature_value}.{signature_value.length}.{timestamp}. see (authentication)[authentication#signature-logic]

string
required
length between 16 and 1024

A random string, minimum 16 characters. Used to create the signature hash, excluding length or timestamp.

string
length ≥ 5

Space-separated permissions for the token. Refer to documentation for valid scopes.

string | number

Overrides default token expiration. Format examples: '5m' for 5 minutes, '1d' for 1 day.

Responses

Language
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json