Admin API

note

Read this page in wide view mode from here

• Admin
  • postExchange an access token for a short-lived JWT

API docs by Redocly

Admin API (0.1.0)

The Admin API serves as the central point for interacting with Witboost.

Admin

Exchange an access token for a short-lived JWT

Exchanges a Witboost access token for a short-lived JWT to authenticate API calls.

Rules:

• duration_seconds cannot exceed the remaining lifetime of the access token. If it does, the request is rejected.
• If duration_seconds is not provided, a default duration is used (configured by backend.auth.shortLivedTokendurationSeconds, default: 5 minutes).
• The scope field accepts a space-separated list of scopes (e.g., scope1 scope2 scope3).

Request Body schema: application/json

required

access_token required	string The Witboost access token to exchange
duration_seconds	integer >= 1 Lifetime of the generated JWT in seconds. If omitted, the backend default is used (configured by backend.auth.shortLivedTokenduration_seconds, default: 5 minutes)
scope	string Space-separated list of scopes for the generated JWT

Responses

https://docs.witboost.com/api/auth/access-tokens/jwt

Request samples

• Payload

Content type

application/json

{

• "access_token": "wbat-YY4BMWsHE-tRQ5ZH5HWop_0AjukY4wOPOrx",
• "duration_seconds": 3600,
• "scope": "scope-1 scope-2 scope-3"

}

Response samples

• 200
• 500

Content type

application/json

{

• "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

}