Create Session Creation Token

This API generates a new session creation token for existing transactions. A new session creation token is required when the old token has expired and the transaction is still valid.

Syntax

POST /api/transaction/(uuid: transaction_id)/token

Examples

Example request

  1. POST /api/transaction/dcaad720-d1e9-47ba-a76b-a6370ef0373b/token HTTP /1.1
  2. Host: onespan.com
  3. Accept: application/json, text/javascript
  4. Sample payload:
  5. {
  6.   "role": "unknown"
  7. }

Example response

  1. HTTP/1.1 200 OK
  2. Vary: Accept
  3. Content-Type: application/json
  4. {
  5.   "token": "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uIjp7InJvbGUiOiJ1bmtub3duIn0sInNjb3BlIjpbInNlc3Npb25fY3JlYXRpb25fYXV0aG9yaXphdGlvbl9jb2RlIl0sInRyYW5zYWN0aW9uX3V1aWQiOiJjZTMxYjljYy1hNzIyLTRmZDctYmI3YS03MDMxM2RhNDg0OGMiLCJleHAiOjE2MjM5MzkxOTksImp0aSI6IjIxOTM1YjVkLTE4OTMtNDIxOC1iMjUwLTdjZTNlYzZlYjE5NSIsImNsaWVudF9pZCI6ImRlYWxmbG8ifQ.CUfpqPcSeSTJiOYzz72w8uFoCBrQOYK0NFdAUUVx3K3JVWLFIfogLmPjnJFMmsJq",
  6.   "role": "unknown"
  7. }

Headers

The following headers are included in the request and response, respectively:

Request headers

  • Accept: The response content type depends on the Accept header
  • Authorization: The OAuth/JWT token to authenticate

Response headers

Status codes

Status codes
Status code Name Description
200 OK

No error.

400 Bad Request The transaction data is invalid.
401 Unauthorized Invalid token.
403 Forbidden The token does not grant transaction creation rights.
500 Internal Server Error Server or application error.