Generate Token

URL:: https://<root>/generateToken
Methods:: POST
Version Introduced:: 10.1

Access requirements

Required privileges

The Sever Administrator API requires privilege-based access. An administrator must be assigned a specific user privilege, or role, to access any given endpoint. Listed below are the user privileges or roles an administrator can be assigned that provides access to this endpoint. If multiple privileges are listed, only one needs to be assigned to gain access.

Register data stores Feature layer Update Delete Security and infrastructure Servers Organization webhooks Geoprocessing Publisher role

Note that administrators assigned a custom role must also have the administrative View all content privilege assigned to them to access the API directory as an administrator. Additonally, any custom roles that include a webhook-related privilege must also include the general Publish server-based layers content privilege.

Tokens

This API requires token-based authentication. A token is automatically generated for administrators who sign in to the Server Administrator API directory's HTML interface. Tokens generated in this way are stored for the entirety of the session.

Those accessing the API directory outside of the HTML interface will need to acquire a session token from the generateToken operation in the Portal Directory API. For security reasons, all POST requests made to the Server Administrator API must include a token in the request body.

Learn how to generate a token

Description

The generateToken operation generates a token that can be used by clients when working with the Server Admin API.

Request parameters

Parameter	Description
`username`	The name of an administrative account for the site. Example Use dark colors for code blocksCopy `1 username=user1`
`password`	The credentials of the administrative account. Example Use dark colors for code blocksCopy `1 password=testpassword`
`client`	The client IP or HTTPS Referer to which the generated token will be bound. Note If the value is set as `referer`, the `referer` parameter must be specified. If the value is `ip`, the `ip` parameter must be specified. If the value is `requestip`, the IP address from where the request originated is used. Values: `referer` \| `ip` \| `requestip`
`referer` (Optional; Required if `client` is set to `referer`)	The base URL of the web application that will invoke the Server Admin API. Example Use dark colors for code blocksCopy `1 referer=https://myserver/mywebapp`
`ip` (Optional; Required if `client` is set to `ip`)	The IP address of the machine that will invoke the Administrator API. Example Use dark colors for code blocksCopy `1 ip=##.##.###.###`
`expiration`	The time in minutes for which the token must be valid. Example Use dark colors for code blocksCopy `1 expiration=90`
`f`	The response format. The default response format is `html`. Values: `html` \| `json` \| `pjson`

Example usage

The following is a sample POST request for the generateToken operation:

Use dark colors for code blocksCopy
POST /<context>/admin/generateToken HTTP/1.1
Host: organization.example.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []

username=user1&password=testpassword&client=referer&referer=https://organization.example.com&expiration=90&f=json

JSON Response syntax

Use dark colors for code blocksCopy
{
  "token":"<token>",
  "expires": "<date>"
}

JSON Response example

Use dark colors for code blocksCopy
{
  "token": "sakjfh97325437hskfsdfd_sdkjfsjf1283763339564921734sdfbdsj",
  "expires": "13472658353687"
}