POST
/
v2
/
auth
/
generate_token
Generate Token
curl --request POST \
  --url https://api.velt.dev/v2/auth/generate_token \
  --header 'Content-Type: application/json' \
  --header 'x-velt-api-key: <x-velt-api-key>' \
  --header 'x-velt-auth-token: <x-velt-auth-token>' \
  --data '{
  "data": {
    "userId": "<string>",
    "userProperties": {
      "isAdmin": true,
      "name": "<string>",
      "email": "<string>"
    },
    "permissions": {
      "resources": [
        {
          "type": "<string>",
          "id": "<string>",
          "organizationId": "<string>",
          "accessRole": "<string>",
          "expiresAt": 123
        }
      ]
    }
  }
}'
{
  "result": {
    "status": "success",
    "message": "Token generated successfully.",
    "data": {
      "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJ1c2VyMTIzIiwiaWF0IjoxNjQwOTk1MjAwfQ.signature"
    }
  }
}
Use this API to generate authentication JWT token for users to access Velt features. The token contains user information and permissions for specific resources like organizations, folders and documents.
Within permissions.resources[], use accessRole to assign viewer (read-only) or editor (read/write) for each resource.
Access Control
  • Set accessRole to viewer (read-only) or editor (read/write) on each resource to define the user’s capabilities for that resource.
  • accessRole can only be set via the v2 Users and Auth Permissions REST APIs. Frontend SDK methods do not accept or change accessRole.
  • Relevant endpoints: /v2/users/add, /v2/users/update, /v2/auth/permissions/add, /v2/auth/generate_token.
  • See the Access Control overview for concepts and detailed guidance.
  • JWT token expires in 48 hours.
  • You can specify permissions for different resource types (organization, folder, document)

Endpoint

POST https://api.velt.dev/v2/auth/generate_token

Headers

x-velt-api-key
string
required
Your API key.
x-velt-auth-token
string
required
Your Auth Token.

Body

Params

data
object
required

Example Requests

1. Generate token with organization and document permissions (viewer on org, editor on document)

{
  "userId": "user123",
  "userProperties": {
    "isAdmin": false,
    "name": "John Doe",
    "email": "john@example.com"
  },
  "permissions": {
    "resources": [
      {
        "type": "organization",
        "id": "org_123",
        "accessRole": "viewer"
      },
      {
        "type": "document",
        "id": "doc_456",
        "organizationId": "org_123",
        "accessRole": "editor",
        "expiresAt": 1640995200
      }
    ]
  }
}

2. Generate token with only organization access (viewer)

{
  "userId": "user456",
  "userProperties": {
    "isAdmin": true,
    "name": "Jane Smith",
    "email": "jane@example.com"
  },
  "permissions": {
    "resources": [
      {
        "type": "organization",
        "id": "org_789",
        "accessRole": "viewer"
      }
    ]
  }
}

3. Generate token with folder permissions (editor)

{
  "userId": "user789",
  "userProperties": {
    "isAdmin": false,
    "name": "Bob Wilson",
    "email": "bob@example.com"
  },
  "permissions": {
    "resources": [
      {
        "type": "organization",
        "id": "org_123"
      },
      {
        "type": "folder",
        "id": "folder_001",
        "organizationId": "org_123",
        "accessRole": "editor"
      }
    ]
  }
}

Response

Success Response

{
  "result": {
    "status": "success",
    "message": "Token generated successfully.",
    "data": {
      "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
    }
  }
}

Failure Response

{
  "error": {
    "message": "ERROR_MESSAGE",
    "status": "INVALID_ARGUMENT"
  }
}

{
  "result": {
    "status": "success",
    "message": "Token generated successfully.",
    "data": {
      "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJ1c2VyMTIzIiwiaWF0IjoxNjQwOTk1MjAwfQ.signature"
    }
  }
}