Mint a short-lived, down-scoped token for an AI agent acting on the signed-in user's behalf.
POST
End-user session operationId: create_agent_token/v1/auth/me/agent-tokens Authorization
Called from the browser with the publishable application id (x-application-id); the access token lives in memory.
Request body · required
agentstring requiredThe agent this token is for (recorded as a per-agent consent + in the token's `agent` claim).
scopesstring[]ttl_minutesinteger<int64> int64Lifetime in minutes (default 15, max 60).
Responses
201 Agent token
{
"data": {
"access_token": "string",
"agent": "string",
"expires_in": 0,
"scope": "string",
"token_type": "string"
},
"error": {
"code": "string",
"message": "string"
},
"meta": {
"timestamp": "string"
},
"success": false
}Request
curl -X POST "https://api.identrahq.com/v1/auth/me/agent-tokens" \
-H "Content-Type: application/json" \
-d '{
"agent": "claude-mcp",
"scopes": [
"string"
],
"ttl_minutes": 0
}'Try it
live requestPOST
https://api.identrahq.com/v1/auth/me/agent-tokens