Create access token

POST https://datafa.st/api/v1/admin/access-tokens

Create a dft_ account token. The raw token is returned once.

Request

Authentication

dft_ account token with api-keys:write.

Body parameters

Field	Type	Required	Description
`name`	string	No	Human-readable name for the resource or event. The exact meaning depends on the endpoint. Human-readable token name. Stored as null when omitted.
`permissions`	string[]	No	Permissions to grant. Defaults to [`*`]. Cannot exceed the caller token permissions.
`websiteIds`	string[]	No	Website ObjectIds this token can access. Empty array means all websites available to the account.

Response

Returns a JSON object with status and endpoint-specific fields.

Response fields

Field	Type	Description
`data[].message`	string	Human-readable confirmation or status message for the operation.

Errors

Common errors include 400 for invalid input, 401 for missing or invalid tokens, 403 for missing permissions or website access, 404 for missing resources, and 500 for server errors.

✍️ Something missing? Suggest features.

🤖 AI agent or LLM? Read this page as markdown

curl -X POST "https://datafa.st/api/v1/admin/access-tokens" \ -H "Authorization: Bearer dft_xxx" \ -H "Content-Type: application/json" \ -d '{"name":"Read only","permissions":["analytics:read","websites:read"],"websiteIds":["WEBSITE_ID"]}'

{ "status": "success", "data": [{ "_id": "665f0b3c4d2e1a0012345678", "name": "Read only", "displayKey": "dft_ab1...xyz9", "scope": "user", "permissions": ["analytics:read", "websites:read"], "websiteIds": ["665f0b3c4d2e1a0012345678"], "key": "dft_full_token_shown_once" }] }