UserLoginTokens

Introduction

UserLoginTokens are short-lived, user-specific tokens that allow a browser to log in a User without entering credentials. They are typically used for auto-login URLs or SSO-like flows where an application needs to sign in a User in a standard web context.

User login tokens are intended for one-time use: when a token is used during a login, it is soft deleted so it cannot be reused. Tokens are also invalid after their configured expiration time.

For usage examples see the Login By User Login Token section.

The actual login token (the secret the browser uses to perform the login) is only returned in the response payload of the create action. It is provided under the key token in the JSON response and is not present on list or show responses. Store or forward this token securely immediately after creation because it will not be retrievable later.

Model Definition

Relations

Key

Relation

Type

Relation Field(s)

user

User

Belongs to

user_id

loginUser

User

Belongs to

login_user_id

Traits

SoftDeletes

[Adm.] List

Get a list of all UserLoginTokens.

Definition

GET /api/administration/users/login-tokens

Example Request

$client = new GuzzleHttp\Client(['base_uri' => 'https://{tenant}.intratool.de']);
$response = $client->request('GET', '/api/administration/users/login-tokens', [
    'headers' => ['Authorization' => "Bearer {accessToken}"]
]);

Example Response

[
  {
    "uuid": "a046c716-db7a-4a1e-b8e1-52b2573ced74",
    "user_id": 2,
    "login_user_id": 3,
    "expires_at": "2025-11-01 12:05:00",
    "created_at": "2025-11-01 12:00:00",
    "updated_at": "2025-11-01 12:00:00",
    "deleted_at": null
  },
  {
    "uuid": "a048cad0-ddac-4b85-a81b-169bbe639023",
    "user_id": 2,
    "login_user_id": 4,
    "expires_at": "2025-11-01 12:20:00",
    "created_at": "2025-11-01 12:15:00",
    "updated_at": "2025-11-01 12:15:00",
    "deleted_at": null
  }
]

[Adm.] Show

Show a single UserLoginToken by uuid.

Definition

GET /api/administration/users/login-tokens/{uuid}

Example Request

$client = new GuzzleHttp\Client(['base_uri' => 'https://{tenant}.intratool.de']);
$response = $client->request('GET', '/api/administration/users/login-tokens/a046c716-db7a-4a1e-b8e1-52b2573ced74', [
    'headers' => ['Authorization' => "Bearer {accessToken}"]
]);

Example Response

{
  "uuid": "a046c716-db7a-4a1e-b8e1-52b2573ced74",
  "user_id": 2,
  "login_user_id": 3,
  "expires_at": "2025-11-01 12:05:00",
  "created_at": "2025-11-01 12:00:00",
  "updated_at": "2025-11-01 12:00:00",
  "deleted_at": null
}

[Adm.] Create

Create a new UserLoginToken for a User.

Definition

POST /api/administration/users/login-tokens

Request Keys

Key

Type

Default

Description

login_user_id *

integer

The ID of the User to login.

expires_in *

integer

The amount of seconds until the login token expires (between 1 and 86400 (24 hours)).

Keys with * are required.

Example Request

$client = new GuzzleHttp\Client(['base_uri' => 'https://{tenant}.intratool.de']);
$response = $client->request('POST', '/api/administration/users/login-tokens', [
    'headers' => ['Authorization' => "Bearer {accessToken}"],
    'json' => [
        'login_user_id' => 5,
        'expires_in' => 300
    ]
]);

Example Response

{
  "uuid": "a04a835e-65f0-4b8f-a476-f19de1c9a3ec",
  "user_id": 2,
  "login_user_id": 5,
  "expires_at": "2025-11-01 12:35:00",
  "created_at": "2025-11-01 12:30:00",
  "updated_at": "2025-11-01 12:30:00",
  "token": "eyJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE3NjI4NjI1MTUsIm5iZiI6MTc2Mjg2MjUxNSwiZXhwIjoxNzYyODYyNjM1LCJpc3MiOiJodHRwczpcL1wvdGVzdC5pbnRyYXRvb2wudGVzdFwvIiwiYXVkIjoiaHR0cHM6XC9cL3Rlc3QuaW50cmF0b29sLnRlc3RcLyIsImp0aSI6IjEzZTRlNTdiLWYyMDEtNDVlYi1iZDlkLWY5OGUzYTgxOWU2NyIsImx0aSI6ImEwNTRkNzY2LWUzNTItNDIzYy04NmRiLTM4YTIzOTRhNmM2YSIsInN1YiI6M30.NX_N6TPcbezWuhONbyB_BZnvc8tfEtg-RdvGw6VjMX3yfdkD-ZNOkBxvMSbt81bSDNSxk3JIJtME2wjhTA4GatU4wFM-RUT1ABK_iXd_t7LpjLR6K2BlFUyQL9Lkk-LvbkKm0-uQYNrsCw4rqmG5R_tCvcsNpYEUPwmpzWfFuqJsGD6pVCMPNtVAKCPEhV_2FN2QNTd-SdncrbnxFY_F0-WBFEhlC1xIvguWMDSu2yTmGXJwNkRt_Y-9z6TbRjmAJ_g657zCzgRSzh6yYJtrEjWCsB1cku5eFqLTboiHTsr362uXhJnvm0oPJZ4wBiGMxSsdYSZJpxz0CopTsauDnOT-lhkpUdSxFmwo2HEry_f29O5Imb4ETtvzgu4_gyqAg0kG4rFuu548EIRXLbjxCGE4EqlKoNQMHwDSeEZQOs8Pj3QufZuE-UyC4T0iMQEvOmX0HAzfxLWeVA8x6ZXycwoyYDC-3k_5BNL4mm9bZ6dxQdpYjEEnjPao4-VRyUqYtNiUeduWP1Jv98KApbr6tN5Jfatxg0NVjpSmjUi5oQslHAs8x-jijlDiliuwuBrgo9atn2YXw7jAcAttbFE7HFrvY6EC2czwZ534R_9caTL2_ecCpxpm1eti2jzjXYPty3gDDdwQzyF2FB7hWH2aGxFf9RXPYN0BxoeO4YVMyOY"
}

The actual login token is provided under the key token in the JSON response. Store this token securely immediately after creation because it will not be retrievable later.

[Adm.] Create By Email

Create a new UserLoginToken for a User's email.

Definition

POST /api/administration/users/login-tokens/email

Request Keys

Key

Type

Default

Description

login_user_email *

string

The email of the User to login.

expires_in *

integer

The amount of seconds until the login token expires (between 1 and 86400 (24 hours)).

Keys with * are required.

Example Request

$client = new GuzzleHttp\Client(['base_uri' => 'https://{tenant}.intratool.de']);
$response = $client->request('POST', '/api/administration/users/login-tokens/email', [
    'headers' => ['Authorization' => "Bearer {accessToken}"],
    'json' => [
        'login_user_email' => '[email protected]',
        'expires_in' => 300
    ]
]);

Example Response

{
  "uuid": "a04b35a7-37c1-4b93-be9a-1b0afe73135e",
  "user_id": 2,
  "login_user_id": 6,
  "expires_at": "2025-11-01 12:50:00",
  "created_at": "2025-11-01 12:45:00",
  "updated_at": "2025-11-01 12:45:00",
  "token": "eyJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE3NjI4NjIyODcsIm5iZiI6MTc2Mjg2MjI4NywiZXhwIjoxNzYyODYyNDA3LCJpc3MiOiJodHRwczpcL1wvdGVzdC5pbnRyYXRvb2wudGVzdFwvIiwiYXVkIjoiaHR0cHM6XC9cL3Rlc3QuaW50cmF0b29sLnRlc3RcLyIsImp0aSI6IjliMWEyZjFlLTNiZGEtNGRjMC1hYjRhLWM0NjdkYmIyODQwZiIsImx0aSI6ImEwNTRkNjBiLTNiODYtNGQyNS1iM2U5LTdmOGRhZjVkYzgxZiIsInN1YiI6M30.Ih_WS7xVsk6h_5PlS6L6d27GaUz8UOUmswsts3s1Ztdn45dfPzggr_3WdOXfEnSm-7RoFPEShIq8tupQmW8HVHaF5oPFxSpgkS-aQdRS7mx8qeBpI6KTb4OFKuOHlA6qBUvt9AIxnRxOAQl2BeGwTM1MlCMCf6dcAN-bYJ2hZYSExoh3tT8xDna-_l2jXIA8_LkrmsIxK3dCVdT-7KtMSnsf4ULCuPTAswe0FtqBFNG_yxIx6fjBn_KBfoCb2OdwVM-rFyyh6JIArbjYR-AOsqARaU1RI-YZGy7EeD7MAqDo75zzgjEPrwkT0aXDNpBkh6FUiYpvv0dsDlSLy_SSR5vDTGVluiDdZOrDrZTxZtkCMmM2DZER1Zrgxp2135eTDX4ckMlOv_aY6NvCOEhy8emirTh6qQmDzHTqpov-pfO6Izf1zUumctC4T0cGMxJImw8VjT3sGvHNLnAejUSf8pVnW2C9Gqn1z9-zBocn2nc3Krt_ChFio0kT-8M4MxiyNPpqIgm6XWXQYLaAjB_S5aQ4c196M7hVOM-CPSKwbn3g1pPXkgoJjbeB78ms93qVBIipVuppAwgWZ-8gJOOSNJGJt7aDfHfkiFjExPTUchH--xp5bvV5y13-YpXyvCPcsqEaAbcutvN5KncvfMZTrRuYyAU1frgokY0rZibuPOs"
}

The actual login token is provided under the key token in the JSON response. Store this token securely immediately after creation because it will not be retrievable later.

[Adm.] Delete

Delete a UserLoginToken by uuid.

Definition

DELETE /api/administration/users/login-tokens/{uuid}

Example Request

$client = new GuzzleHttp\Client(['base_uri' => 'https://{tenant}.intratool.de']);
$response = $client->request('DELETE', '/api/administration/users/login-tokens/b123c456-de78-4f90-ab12-3456789abcde', [
    'headers' => ['Authorization' => "Bearer {accessToken}"]
]);

Example Response

{
  "status": "success",
  "data": null
}

PreviousUsers NextUserActivities

Last updated 1 month ago