Skip to main content
POST
/
auth
/
access_token
/
{token_id}
/
rotate
Rotate access token
curl -X POST http://localhost:50052/auth/access_token/12/rotate \
  -H "Accept: application/json" \
  -H 'Authorization: Bearer <admin-jwt-or-access-token>'
{
  "id": 12,
  "name": "reader-admin-token",
  "description": "Used by the analytics dashboard to run read-only admin checks.",
  "token": "vdai_<newly-generated-token>",
  "created_at": "2026-04-02T08:30:00Z",
  "expired_at": "2026-04-03T08:30:00Z",
  "will_expire": true,
  "permission": "read,admin"
}

Authorizations

Authorization
string
header
required

Admin JWT obtained from the login endpoint.

Headers

Authorization
string
required

Admin JWT or admin access token. Format Bearer <admin-jwt-or-access-token>.

Path Parameters

token_id
integer
required

The unique identifier of the access token to rotate.

Response

Token rotated successfully. Returns the new raw token.

id
integer

Unique identifier for the access token.

name
string

Human-readable name for the token.

description
string

Description of the token's intended use.

token
string

The new raw access token value. Store this securely, as it cannot be retrieved after rotation.

created_at
string<date-time>

Original creation timestamp, in RFC 3339 UTC format.

expired_at
string<date-time> | null

Expiration timestamp. null when will_expire is false.

will_expire
boolean

Whether the token has an expiration date.

permission
string

Comma-separated permission names assigned to the token.