EmbedTokenResponse

Successful response from POST .../auth/embed. Pass accessToken to the matching SignStack web component as the embed-token attribute. The scopes array varies by intent.

accessToken
Type: string
required
expiresAt
Type: stringFormat: date-time
required

the date-time notation as defined by RFC 3339, section 5.6, for example, 2017-07-21T17:32:28Z
expiresIn
Type: integer
required

Integer numbers.
orgId
Type: string Pattern: ^org_[0-9a-z]{26}$
required

Prefixed lowercase ULID, e.g. org_01jv8m7qfj6xj9gkz7a4s2h8e.
resources
Type: array object[] · EmbedResource[]
required
A resource the embed token is authorized to act on.
- actions
  Type: array string[]
  required
  
  Actions permitted on this resource (e.g. sign, view, update).
- id
  Type: string
  required
- type
  Type: stringenum
  required
  values
  workflow
  blueprint
- steps
  Type: array string[]
  
  For signing intents: the participant step key(s) the token grants access to.
scopes
Type: array string[]
required
subject
Type: object
required

Identifies the entity (service account, user, or embed session) the token represents.
- id
  Type: string
  required
  
  Stable ID for the subject (UUID).
- type
  Type: stringenum
  required
  values
  user
  service_account
  embed
- mode
  Type: stringenum
  
  Mode of the namespace this token operates in.
  
  values
  live
  test
- namespaceKey
  Type: string
  
  Namespace this token is scoped to.
- orgId
  Type: string Pattern: ^org_[0-9a-z]{26}$
  
  Organization ID this token can act on. Prefixed lowercase ULID, e.g. org_01jv8m7qfj6xj9gkz7a4s2h8e.
tokenType
enum
const:
Bearer
required
values
- Bearer