Create Access Key | API Reference | Descope Documentation

POST

/v1/mgmt/accesskey/create

Create an access key, using a valid management key.

This API endpoint allows administrators to create an access key.

During the creation of the access key, you can set the name, expiration time, roles and tenant:role pairs to associated with the key.

Next Steps

Once you have the access key, you can utilize it to configure external items such as SCIM, or use it to exchange for a JWT.

Endpoint Authentication

Use authorization bearer header with the following format:

Authorization: Bearer \<ProjectId:ManagementKey\>

Authorization

`Authorization`
Required
Bearer <token>

< Project ID >:< Management Key > as bearer

In: header

Request Body

`name`string

`expireTime`string

`roleNames`array<string>

`keyTenants`array<object>

`userId`string

`customClaims`object

`description`string

`permittedIps`array<string>

Status code	Description
`200`	OK

curl -X POST "https://api.descope.com/v1/mgmt/accesskey/create" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <ProjectId:ManagementKey>" \
  -d '{
  "name": "string",
  "expireTime": "string",
  "roleNames": [
    "string"
  ],
  "keyTenants": [
    {
      "tenantId": "string",
      "roleNames": [
        "string"
      ]
    }
  ],
  "userId": "string",
  "customClaims": {},
  "description": "string",
  "permittedIps": [
    "string"
  ]
}'

{
  "cleartext": "string",
  "key": {
    "id": "string",
    "name": "string",
    "roleNames": [
      "string"
    ],
    "keyTenants": [
      {
        "tenantId": "string",
        "roleNames": [
          "string"
        ],
        "tenantName": "string"
      }
    ],
    "status": "string",
    "createdTime": 0,
    "expireTime": 0,
    "createdBy": "string",
    "clientId": "string",
    "boundUserId": "string",
    "customClaims": {},
    "editable": true,
    "description": "string",
    "permittedIps": [
      "string"
    ]
  }
}

Was this helpful?

Create an access key, using a valid management key.

Next Steps

See also

Endpoint Authentication

Try it

Authorization

`Authorization`
Required
Bearer <token>

Request Body

`name`string

`expireTime`string

`roleNames`array<string>

`keyTenants`array<object>

`userId`string

`customClaims`object

`description`string

`permittedIps`array<string>

Create an access key, using a valid management key.

Next Steps

See also

Endpoint Authentication

Try it

Authorization

AuthorizationRequiredBearer <token>

Request Body

namestring

expireTimestring

roleNamesarray<string>

keyTenantsarray<object>

Object 1

userIdstring

customClaimsobject

customClaims

descriptionstring

permittedIpsarray<string>

Response

Typescript

`Authorization`
Required
Bearer <token>

`name`string

`expireTime`string

`roleNames`array<string>

`keyTenants`array<object>

`userId`string

`customClaims`object

`description`string

`permittedIps`array<string>