An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:

  • userAuthToken
  • senderAuthToken
  • signerAuthToken
  • singleUseSignerAuthToken

With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes. 

User Authentication Tokens

A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:

HTTP Request

POST /api/cs-authenticationTokens/user
JS

HTTP Headers

Accept: application/json   
Authorization: Bearer access_token
JS

For a complete description of each field, see the Request Payload table below.

PropertyTypeEditableRequiredDefaultSample Values
packageIdstringNoNon/a5vjLRY5MWrDJ6MzRAEyCKOy5IH0= 
signerIdstringNoNon/a8b734331-bc5b-4843-9784-d4ece4b7dc22 
valuestringNoNon/aZDNmMDNiNGUtNGYxOC00YWZiLTkwMmUtNWE5YmIwZTRjZDg1 

Response Payload

{   "value": "MjY0MjQ4MzgtMTJlOS00MzhjLTgzODMtMzJmMGNiZTg3ODBl"   }
JS

Sender Authentication Tokens

A sender authentication token can be used to obtain a session for a sender with access only to a specific package. 

HTTP Request

POST /api/cs-authenticationTokens/sender
JS

HTTP Headers

Accept: application/json   
Content-Type: application/json   
Authorization: Bearer access_token
JS

Request Payload

 {   "packageId: "5vjLRY5MWrDJ6MzRAEyCKOy5IH0="   } 
JS

Response Payload

{   "value": "MjY0MjQ4MzgtMTJlOS00MzhjLTgzODMtMzJmMGNiZTg3ODBl"   }
JS

Signer Authentication Tokens

A signer authentication token can be used to obtain a session for a signer with access to the Signer Experience. 

HTTP Request

POST /api/cs-authenticationTokens/signer/multiUse
JS

HTTP Headers

Accept: application/json   
Content-Type: application/json   
Authorization: Bearer access_token
JS

Request Payload

{   "packageId": "5vjLRY5MWrDJ6MzRAEyCKOy5IH0=",   "signerId": "8b734331-bc5b-4843-9784-d4ece4b7dc22"   } 
JS

Response Payload

{   "packageId":"5vjLRY5MWrDJ6MzRAEyCKOy5IH0=",   "signerId":"8b734331-bc5b-4843-9784-d4ece4b7dc22",   "value":"ABCdEFghIJKlMNOpQR00STUvWXyzNoWiKNO5MyabCsNtWySWm"   }
JS

The signer token above can be used multiple times. You can also create a single-use signer token:

HTTP Request

POST /api/cs-authenticationTokens/signer/singleUse
JS

HTTP Headers

Accept: application/json   
Content-Type: application/json   
Authorization: Bearer access_token
JS

Request Payload

{   "packageId":"s-wy6PFASBlAKfnLJjcbzoaMyTg=",   "signerId":"signer1@example.com"   }
JS

Response Payload

{   "packageId":"s-wy6PFASBlAKfnLJjcbzoaMyTg=",   "sessionFields": null,   "signerId":"signer1@example.com",   "value":"ABCdEFghIJKlMNOpQR00STUvWXyzNoWiKNO5MyabCsNtWySWm"   }
JS