Create Personal Access Token

curl --request POST \
  --url https://api.dfns.io/auth/pats \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-DFNS-USERACTION: <api-key>' \
  --data '
{
  "name": "<string>",
  "publicKey": "<string>",
  "permissionId": "<string>",
  "externalId": "<string>",
  "daysValid": 123,
  "secondsValid": 123
}
'

{
  "accessToken": "<string>",
  "dateCreated": "<string>",
  "credId": "<string>",
  "isActive": true,
  "kind": "Pat",
  "linkedUserId": "<string>",
  "linkedAppId": "<string>",
  "name": "<string>",
  "orgId": "<string>",
  "publicKey": "<string>",
  "tokenId": "<string>",
  "permissionAssignments": [
    {
      "permissionName": "<string>",
      "permissionId": "<string>",
      "assignmentId": "<string>",
      "operations": [
        "<string>"
      ]
    }
  ]
}

POST

auth

pats

Create Personal Access Token

curl --request POST \
  --url https://api.dfns.io/auth/pats \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-DFNS-USERACTION: <api-key>' \
  --data '
{
  "name": "<string>",
  "publicKey": "<string>",
  "permissionId": "<string>",
  "externalId": "<string>",
  "daysValid": 123,
  "secondsValid": 123
}
'

{
  "accessToken": "<string>",
  "dateCreated": "<string>",
  "credId": "<string>",
  "isActive": true,
  "kind": "Pat",
  "linkedUserId": "<string>",
  "linkedAppId": "<string>",
  "name": "<string>",
  "orgId": "<string>",
  "publicKey": "<string>",
  "tokenId": "<string>",
  "permissionAssignments": [
    {
      "permissionName": "<string>",
      "permissionId": "<string>",
      "assignmentId": "<string>",
      "operations": [
        "<string>"
      ]
    }
  ]
}

Authentication

✅ Organization User (CustomerEmployee)
✅ Delegated User (EndUser)
❌ Personal Access Token not allowed
❌ Service Account

Required Permissions

Auth:Pats:Create: Always required.

Authorizations

Authorization

string

header

required

Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows

X-DFNS-USERACTION

string

header

required

User Action Signature: Used to sign the change-inducing API requests. More details how to generate the token: User Action Signing flows

Body

application/json

name

string

required

Minimum string length: 1

publicKey

string

required

Pattern: ^-----BEGIN (RSA )?PUBLIC KEY-----[A-Za-z0-9+/=\n\r\\]+-----END (RSA )?PUBLIC KEY-----\s?$

permissionId

string

externalId

string

daysValid

integer

secondsValid

integer

Response

200 - application/json

Success

accessToken

string

required

dateCreated

string

required

credId

string

required

isActive

boolean

required

kind

enum<string>

required

Available options:

Pat,

ServiceAccount,

Token,

Code,

Recovery,

Temp,

Application

linkedUserId

string

required

linkedAppId

string

required

name

string

required

orgId

string

required

publicKey

string

required

tokenId

string

required

permissionAssignments

object[]

required

Show child attributes

Last modified on February 26, 2026

List Personal Access Tokens

Get Personal Access Token

⌘I

API Authorization

Identity & Access Management

Wallets & Transactions

Management

Webhooks

Create Personal Access Token

Authentication

Required Permissions

Authorizations

Body

Response

API Authorization

Identity & Access Management

Wallets & Transactions

Management

Webhooks

​Authentication

​Required Permissions

Authorizations

Body

Response

Authentication

Required Permissions