Skip to main content
POST
/
orgs
/
{orgId}
/
api-tokens
Creates a new API token for the specified organization. The full token is only shown once.
curl --request POST \
  --url https://api.zippendo.com/orgs/{orgId}/api-tokens \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "scopes": [
    "read:api_tokens"
  ],
  "expiresInDays": 183
}
'
{
  "id": "<string>",
  "name": "<string>",
  "tokenPrefix": "<string>",
  "scopes": [
    "<string>"
  ],
  "lastUsedAt": "<string>",
  "expiresAt": "<string>",
  "createdAt": "<string>",
  "token": "<string>"
}

Authorizations

Authorization
string
header
required

JWT access token or API token (prefixed with zipp_)

Path Parameters

orgId
string
required

Organization ID

Body

application/json
name
string
required

Token name for identification

Required string length: 1 - 100
scopes
enum<string>[]
required

Permission scopes for the token

Minimum array length: 1
Available options:
read:api_tokens,
write:api_tokens,
read:orgs,
write:orgs,
read:users,
write:users,
read:roles,
write:roles,
read:org_members,
write:org_members,
read:carriers,
write:carriers,
read:sender_addresses,
write:sender_addresses,
read:shipping_rules,
write:shipping_rules,
read:shipments,
write:shipments,
read:orders,
write:orders,
read:order_channels,
write:order_channels,
read:return_portals,
write:return_portals,
read:printers,
write:printers,
read:webhooks,
write:webhooks,
read:all,
write:all
expiresInDays
integer

Token expiry in days (optional, max 365)

Required range: 1 <= x <= 365

Response

Default Response

id
string
required
name
string
required
tokenPrefix
string
required

First 12 chars of the token for identification

scopes
string[]
required
lastUsedAt
string | null
required
expiresAt
string | null
required
createdAt
string
required
token
string
required

Full API token (only shown once)