Skip to main content
POST
/
oauth
/
auth-codes
/
mint
cURL
curl --request POST \
  --url https://api.useanima.sh/v1/oauth/auth-codes/mint \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "clientId": "<string>",
  "redirectUri": "<string>",
  "scope": "<string>",
  "codeChallenge": "<string>",
  "agentId": "<string>",
  "codeChallengeMethod": "S256",
  "ttlSeconds": 600,
  "consentMetadata": {
    "consentEmail": "<string>",
    "consentEmailVerified": true,
    "consentName": "<string>"
  }
}
'
{
  "code": "<string>",
  "expiresAt": "2023-11-07T05:31:56Z"
}

Authorizations

Authorization
string
header
required

JWT Bearer token obtained from authentication. Pass as: Authorization: Bearer

Body

application/json

Mint a one-shot authorization code (10-min TTL by default)

clientId
string
required

OAuth client_id (anima_oauth_apps row)

Minimum string length: 1
redirectUri
string<uri>
required

Where the consent callback lands

scope
string
required

Space-delimited scope list

codeChallenge
string
required

PKCE S256 challenge (RFC 7636)

Required string length: 43 - 128
agentId
string

Optional — restrict grant to a single agent

codeChallengeMethod
any
default:S256
ttlSeconds
integer
default:600
Required range: 0 <= x <= 900

Identity hints cached on the resulting grant

Response

OK

Newly-minted authorization code (cleartext, one-time disclosure)

code
string
required

Raw authorization code — return to the consenting client ONCE

expiresAt
string<date-time>
required