Source: https://datafa.st/docs/api/account/access-tokens/create
Markdown source: https://datafa.st/docs/api/account/access-tokens/create.md
Description: Create a dft_ account token. The raw token is returned once.

# Create access token

`POST https://datafa.st/api/v1/admin/access-tokens`

Create a dft_ account token. The raw token is returned once.

## Request

### Authentication

- `dft_` account token with `api-keys:write`.


### Body parameters

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `name` | string | No | Human-readable token name. Stored as null when omitted. |
| `permissions` | string[] | No | Permissions to grant. Defaults to [`*`]. Cannot exceed the caller token's permissions. |
| `websiteIds` | string[] | No | Website ObjectIds this token can access. Empty array means all websites available to the account. |

## Response

Returns a JSON object with `status` and endpoint-specific fields.

### Response fields

| Field | Type | Description |
| --- | --- | --- |
| `data[].message` | string | Human-readable confirmation or status message for the operation. |

### Errors

Common errors include `400` for invalid input, `401` for missing or invalid tokens, `403` for missing permissions or website access, `404` for missing resources, and `500` for server errors.

## Code examples

### Example request

```bash
curl -X POST "https://datafa.st/api/v1/admin/access-tokens" \
  -H "Authorization: Bearer dft_xxx" \
  -H "Content-Type: application/json" \
  -d '{"name":"Read only","permissions":["analytics:read","websites:read"],"websiteIds":["WEBSITE_ID"]}'
```

### Success response

```json
{
  "status": "success",
  "data": [{
    "_id": "665f0b3c4d2e1a0012345678",
    "name": "Read only",
    "displayKey": "dft_ab1...xyz9",
    "scope": "user",
    "permissions": ["analytics:read", "websites:read"],
    "websiteIds": ["665f0b3c4d2e1a0012345678"],
    "key": "dft_full_token_shown_once"
  }]
}
```
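
The following is an added example, not part of the DataFast documentation or its client code. It shows one way to avoid the two permissive defaults in the body parameters (omitted `permissions` grants `*`, empty `websiteIds` means all websites) and to handle the one-time `key` field. The helper names `build_body`, `split_response` and `store_secret` are hypothetical, and the sample response is constructed from the success response above.

```python
import json
import os

def build_body(name, permissions, website_ids):
    """Request body that never falls back to the permissive defaults."""
    if not permissions or "*" in permissions:
        raise ValueError("name each permission: omitting the field grants ['*']")
    if not website_ids:
        raise ValueError("name each website: an empty array means all websites")
    return {"name": name, "permissions": sorted(set(permissions)),
            "websiteIds": sorted(set(website_ids))}

def split_response(raw_json, body):
    """Check the granted scope against the request; return (secret, metadata)."""
    doc = json.loads(raw_json)
    if doc.get("status") != "success" or not doc.get("data"):
        raise RuntimeError("token was not created")
    token = dict(doc["data"][0])
    if set(token.get("permissions", [])) != set(body["permissions"]):
        raise RuntimeError("granted permissions differ from the request")
    if set(token.get("websiteIds", [])) != set(body["websiteIds"]):
        raise RuntimeError("granted websiteIds differ from the request")
    secret = token.pop("key")  # the raw token is returned only in this response
    return secret, token       # remaining fields hold displayKey, not the raw token

def store_secret(path, secret):
    """Write the raw token to a new owner-only file; fail if the file exists."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(secret)

# Constructed sample modelled on the success response shown on this page.
SAMPLE_RESPONSE = json.dumps({"status": "success", "data": [{
    "_id": "665f0b3c4d2e1a0012345678", "name": "Read only",
    "displayKey": "dft_ab1...xyz9", "scope": "user",
    "permissions": ["analytics:read", "websites:read"],
    "websiteIds": ["665f0b3c4d2e1a0012345678"],
    "key": "dft_full_token_shown_once"}]})

if __name__ == "__main__":
    body = build_body("Read only", ["analytics:read", "websites:read"],
                      ["665f0b3c4d2e1a0012345678"])
    secret, meta = split_response(SAMPLE_RESPONSE, body)
    # Log only the metadata; the secret goes to store_secret() or a vault.
    print("created", meta["displayKey"], "with", meta["permissions"])
```

Send the dictionary from `build_body` as the JSON body of the `POST` shown in the example request, and pass the response text to `split_response` before anything is logged.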
