POST
/v1/mgmt/accesskey/create

Create an access key, using a valid management key.

This API endpoint allows administrators to create an access key.

During the creation of the access key, you can set the name, expiration time, roles and tenant:role pairs to associated with the key.

Next Steps

Once you have the access key, you can utilize it to configure external items such as SCIM, or use it to exchange for a JWT.

See also

Endpoint Authentication

Use authorization bearer header with the following format:

Authorization: Bearer \<ProjectId:ManagementKey\>

Try it

/v1/mgmt/accesskey/create

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

< Project ID >:< Management Key > as bearer

In: header

Request Body

namestring

expireTimestring

roleNamesarray<string>

keyTenantsarray<object>

userIdstring

customClaimsobject

descriptionstring

permittedIpsarray<string>

Status codeDescription
200OK
curl -X POST "https://api.descope.com/v1/mgmt/accesskey/create" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <ProjectId:ManagementKey>" \
  -d '{
  "name": "string",
  "expireTime": "string",
  "roleNames": [
    "string"
  ],
  "keyTenants": [
    {
      "tenantId": "string",
      "roleNames": [
        "string"
      ]
    }
  ],
  "userId": "string",
  "customClaims": {},
  "description": "string",
  "permittedIps": [
    "string"
  ]
}'

{
  "cleartext": "string",
  "key": {
    "id": "string",
    "name": "string",
    "roleNames": [
      "string"
    ],
    "keyTenants": [
      {
        "tenantId": "string",
        "roleNames": [
          "string"
        ],
        "tenantName": "string"
      }
    ],
    "status": "string",
    "createdTime": 0,
    "expireTime": 0,
    "createdBy": "string",
    "clientId": "string",
    "boundUserId": "string",
    "customClaims": {},
    "editable": true,
    "description": "string",
    "permittedIps": [
      "string"
    ]
  }
}

Was this helpful?