We have relocated to Instructure Developer Documentation Portal. š Please update your bookmarks. This page will automatically redirect after July 1, 2026.
Access Tokens API
Show an access token TokensController#show
GET /api/v1/users/:user_id/tokens/:id
url:GET|/api/v1/users/:user_id/tokens/:id
The ID can be the actual database ID of the token, or the ātoken_hintā value.
Create an access token TokensController#create
POST /api/v1/users/:user_id/tokens
url:POST|/api/v1/users/:user_id/tokens
Create a new access token for the specified user. If the user is not the current user, the token will be created as āpendingā, and must be activated by the user before it can be used.
Request Parameters:
| Parameter | Type | Description | |
|---|---|---|---|
| token[purpose] | Required | string |
The purpose of the token. |
| token[expires_at] | DateTime |
The time at which the token will expire. |
|
| token[scopes][] | Array |
The scopes to associate with the token. Ignored if the default developer key does not have the āenable scopesā option enabled. In such cases, the token will inherit the userās permissions instead. |
Update an access token TokensController#update
PUT /api/v1/users/:user_id/tokens/:id
url:PUT|/api/v1/users/:user_id/tokens/:id
Update an existing access token.
The ID can be the actual database ID of the token, or the ātoken_hintā value.
Regenerating an expired token requires a new expiration date.
Request Parameters:
| Parameter | Type | Description | |
|---|---|---|---|
| token[purpose] | string |
The purpose of the token. |
|
| token[expires_at] | DateTime |
The time at which the token will expire. |
|
| token[scopes][] | Array |
The scopes to associate with the token. |
|
| token[regenerate] | boolean |
Regenerate the actual token. |
Delete an access token TokensController#destroy
DELETE /api/v1/users/:user_id/tokens/:id
url:DELETE|/api/v1/users/:user_id/tokens/:id
The ID can be the actual database ID of the token, or the ātoken_hintā value.