Create session creation token

The Create Session Creation Token API generates a new session creation token for existing transactions. A new session creation token is required when the old token has expired and the transaction is still valid.

Syntax

POST /api/transaction/transaction_id/token

Examples

Example request

1. POST /api/transaction/dcaad720-d1e9-47ba-a76b-a6370ef0373b/token HTTP /1.1
2. Host: onespan.com
3. Accept: application/json, text/javascript
4. Sample payload:
5. {
6.   "role": "unknown"
7. }

Example response

1. HTTP/1.1 200 OK
2. Vary: Accept
3. Content-Type: application/json
4. {
5.   "token": "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uIjp7InJvbGUiOiJ1bmtub3duIn0sInNjb3BlIjpbInNlc3Npb25fY3JlYXRpb25fYXV0aG9yaXphdGlvbl9jb2RlIl0sInRyYW5zYWN0aW9uX3V1aWQiOiJjZTMxYjljYy1hNzIyLTRmZDctYmI3YS03MDMxM2RhNDg0OGMiLCJleHAiOjE2MjM5MzkxOTksImp0aSI6IjIxOTM1YjVkLTE4OTMtNDIxOC1iMjUwLTdjZTNlYzZlYjE5NSIsImNsaWVudF9pZCI6ImRlYWxmbG8ifQ.CUfpqPcSeSTJiOYzz72w8uFoCBrQOYK0NFdAUUVx3K3JVWLFIfogLmPjnJFMmsJq",
6.   "role": "unknown"
7. }

Headers

The following headers are included in the request and the response:

Request headers

• Accept: The response content type depends on the Accept header.
• Authorization: The OAuth/JWT token to authenticate.

Response headers

• Content-Type: application/json

Status codes

Status codes

Status code	Name	Description
200	OK	No error.
400	Bad Request	The transaction data is invalid.
401	Unauthorized	Invalid token.
403	Forbidden	The token does not grant transaction creation rights.
500	Internal Server Error	Server or application error.