menu
Issue a personal access token
Issues a new personal access token for the v2 API. The raw value (prefixed sst_pat_) is returned exactly once in the token field - store it in a secrets manager; it cannot be retrieved again, only revoked.
Endpoint
POST https://api.sendstreak.com/v2/users/me/tokens
All v2 endpoints require a bearer token - see Authentication.
Request body
| Field | Type | Required | Description |
|---|---|---|---|
name | string | yes | A label identifying where the token is used, e.g. ci-pipeline. |
expiresInDays | one of: 30, 60, 90 | no | Omit or null for a token that never expires. |
Response
The created token, including the one-time raw value.
{
"_id": "665f0a2b1c9d440012ab34cd",
"name": "Example name",
"scopes": [
"messages:write"
],
"createDate": "2026-07-07T09:30:00.000Z",
"expiresAt": "2026-07-07T09:30:00.000Z",
"lastUsedAt": "2026-07-07T09:30:00.000Z",
"token": "sst_pat_9f8e7d6c5b4a39281706f5e4d3c2b1a0"
}
Errors
| Status | Description |
|---|---|
400 | The request body or parameters failed validation. |
401 | Missing or invalid token, or the token is not authorized for this account/user. |
See Errors and rate limits for what error responses look like.
Curl example
curl --location --request POST 'https://api.sendstreak.com/v2/users/me/tokens' \
--header 'Authorization: Bearer YOUR_API_TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
"name": "Example name",
"expiresInDays": 30
}'