API Reference/Management/Outbound apps
POST
/v1/mgmt/outbound/app/user/token

Authorization

AuthorizationRequiredBearer <token>

< Project ID >:< Management Key > as bearer

In: header

Request Body

application/jsonRequired
appIdstring
userIdstring
scopesarray<string>
optionsobject
tenantIdstring
curl -X POST "https://api.descope.com/v1/mgmt/outbound/app/user/token" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "appId": "string",
    "userId": "string",
    "scopes": [
      "string"
    ],
    "options": {
      "withRefreshToken": true,
      "forceRefresh": true
    },
    "tenantId": "string"
  }'

OK

{
  "token": {
    "id": "string",
    "appId": "string",
    "userId": "string",
    "tokenSub": "string",
    "accessToken": "string",
    "accessTokenType": "string",
    "accessTokenExpiry": "string",
    "hasRefreshToken": true,
    "refreshToken": "string",
    "lastRefreshTime": "string",
    "lastRefreshError": "string",
    "scopes": [
      "string"
    ],
    "tenantId": "string",
    "grantedBy": "string"
  }
}

Was this helpful?

Delete outbound application tokens by appId or userId DELETE

Delete outbound application tokens by appId or userId, using a valid management key. ### Endpoint Authentication Use authorization bearer header with the following format: `Authorization: Bearer <ProjectId:ManagementKey>`