Skip to main content
POST
/
v1
/
connect
/
{project_id}
/
tokens
cURL
curl --request POST \
  --url https://api.pipedream.com/v1/connect/{project_id}/tokens \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'x-pd-environment: <x-pd-environment>' \
  --data '
{
  "external_user_id": "<string>",
  "allowed_origins": [
    "<string>"
  ],
  "error_redirect_uri": "<string>",
  "expires_in": 123,
  "scope": "<string>",
  "success_redirect_uri": "<string>",
  "webhook_uri": "<string>",
  "allow_progressive_scopes": false
}
'
{
  "connect_link_url": "<string>",
  "expires_at": "2023-11-07T05:31:56Z",
  "token": "<string>"
}
Your app will initiate the account connection flow for your end users in your frontend. To securely scope connection to a specific end user, on your server, you retrieve a short-lived token for that user, and return that token to your frontend. See the Connect tokens docs for more information. When using the Connect API to make requests from a client environment like a browser, you must specify the allowed origins for the token. Otherwise, this field is optional. This is a list of URLs that are allowed to make requests with the token. For example: 
{
  "allowed_origins": ["https://myapp.com"]
}

Authorizations

Authorization
string
header
required

A short-lived OAuth access token for server-side requests. Generate one via the Generate OAuth Token flow or automatically when initializing the SDK client.

Headers

x-pd-environment
enum<string>
required

The environment in which the server client is running

Available options:
development,
production

Path Parameters

project_id
string
required

The project ID, which starts with proj_.

Pattern: ^proj_[a-zA-Z0-9]+$

Body

application/json

Request object for creating a connect token

external_user_id
string
required

Your end user ID, for whom you're creating the token

allowed_origins
string[]

List of allowed origins for CORS

error_redirect_uri
string

URI to redirect to on error

expires_in
integer

Token TTL in seconds (max 14400 = 4 hours). Defaults to 4 hours if not specified.

scope
string

Space-separated scopes to restrict token permissions. Defaults to 'connect:*' if not specified. See https://pipedream.com/docs/connect/api-reference/authentication#connect-token-scopes for more information.

success_redirect_uri
string

URI to redirect to on success

webhook_uri
string

Webhook URI for notifications

allow_progressive_scopes
boolean
default:false

When true, end users may authorize a subset of the app's OAuth scopes; only the app's functional scopes (needed for the post-OAuth test request) are enforced. Defaults to false.

Response

connect token created

Response received after creating a connect token

connect_link_url
string
required

The Connect Link URL

expires_at
string<date-time>
required

The expiration time of the token in ISO 8601 format

token
string
required

An authentication token with a limited lifespan

Pattern: ^ctok_[0-9a-f]{32}$