Skip to main content
API docs by Redocly

Admin API (0.1.0)

The Admin API serves as the central point for interacting with Witboost.

Admin

Exchange an access token for a short-lived JWT

Exchanges a Witboost access token for a short-lived JWT to authenticate API calls.

Rules:

  • duration_seconds cannot exceed the remaining lifetime of the access token. If it does, the request is rejected.
  • If duration_seconds is not provided, a default duration is used (configured by backend.auth.shortLivedTokendurationSeconds, default: 5 minutes).
  • The scope field accepts a space-separated list of scopes (e.g., scope1 scope2 scope3).
Request Body schema: application/json
required
access_token
required
string

The Witboost access token to exchange

duration_seconds
integer >= 1

Lifetime of the generated JWT in seconds. If omitted, the backend default is used (configured by backend.auth.shortLivedTokenduration_seconds, default: 5 minutes)

scope
string

Space-separated list of scopes for the generated JWT

Responses

Request samples

Content type
application/json
{
  • "access_token": "wbat-YY4BMWsHE-tRQ5ZH5HWop_0AjukY4wOPOrx",
  • "duration_seconds": 3600,
  • "scope": "scope-1 scope-2 scope-3"
}

Response samples

Content type
application/json
{
  • "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}