POST /api/auth/session Bearer

Create Session Token

Exchange a master access token for a time-limited session token. Session tokens provide temporary authenticated access to the PocketPaw dashboard API with automatic expiration.

Overview

Exchanges the master access token for a time-limited session token. Session tokens are useful for browser-based access where storing the master token is undesirable.

Request Headers

Header Parameters

Authorization required
string

Bearer {master_token} — the master access token.

Response

session_token string
A time-limited HMAC-signed session token
expires_in_hours integer
Token validity period in hours
Terminal window
curl -X POST "http://localhost:8000/api/auth/session" \
  -H "Authorization: Bearer <token>"
const response = await fetch("http://localhost:8000/api/auth/session", {
  method: "POST",
  headers: { "Authorization": "Bearer <token>" }
});
const data = await response.json();
console.log(data);
import requests


response = requests.post(
    "http://localhost:8000/api/auth/session",
    headers={"Authorization": "Bearer <token>"}
)
print(response.json())
{
  "session_token": "session:1705312200:a1b2c3d4e5f6...",
  "expires_in_hours": 24
}
Request
curl -X POST "http://localhost:8000/api/auth/session" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <token>"
const response = await fetch("http://localhost:8000/api/auth/session", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": "Bearer <token>"
},
});

const data = await response.json();
console.log(data);
import requests

response = requests.post(
    "http://localhost:8000/api/auth/session",
    headers={'Content-Type':'application/json','Authorization':'Bearer <token>'},
)

print(response.json())
package main

import (
    "fmt"
    "net/http"
    "io"
)

func main() {
    req, _ := http.NewRequest("POST", "http://localhost:8000/api/auth/session", nil)
    req.Header.Set("Content-Type", "application/json")
    req.Header.Set("Authorization", "Bearer <token>")

    client := &http.Client{}
    resp, _ := client.Do(req)
    defer resp.Body.Close()

    body, _ := io.ReadAll(resp.Body)
    fmt.Println(string(body))
}
Response
Send a request to see the response