Login Tokens

Use this endpoint to mint a short-lived loginToken from your API key. The login token can be exchanged for a long-lived client authToken via /users/verify_token.

Base URL: https://api.samsar.one/v1
Auth: Authorization: Bearer <API_KEY>

POST /create_login_token

Create a short-lived loginToken for a user associated with your API key.

Request body

No body is required.

Sample request

curl -X POST https://api.samsar.one/v1/create_login_token \
  -H "Authorization: Bearer $SAMSAR_API_KEY"

Success response (200)

{
  "loginToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expiresInSeconds": 600,
  "expiresAt": "2026-02-02T12:00:00.000Z"
}

Notes

The token is short-lived and intended for handoff to the client app.
GET /create_login_token is also supported and returns the same payload.

Once the client receives a loginToken, exchange it for a long-lived authToken using the user verification endpoint.

Sample request

curl "https://api.samsar.one/users/verify_token?loginToken=$LOGIN_TOKEN"

Success response (200)

{
  "authToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "_id": "...",
  "email": "user@example.com"
}

POST /create_login_token​

Exchange login token for client auth token​

POST /create_login_token

Exchange login token for client auth token