> ## Documentation Index > Fetch the complete documentation index at: https://gcore.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Create API token > **Deprecated:** This endpoint will be removed on **2026-07-17**. Use [`POST /v2/clients/{clientId}/tokens`](#operation/iamCreateApiTokenV2) instead. Create an API token in the current account. ## OpenAPI ````yaml /api-reference/services_documented/iam_api.yaml post /iam/clients/{clientId}/tokens openapi: 3.1.0 info: title: Gcore OpenAPI – IAM API description: >- This OpenAPI is an aggregated OpenAPI specification that unifies all Gcore products into a single file. It covers Cloud, CDN, DNS, WAAP, DDoS Protection, Object Storage, Streaming, and FastEdge services. version: '2026-05-15T06:37:28.230198+00:00' servers: - url: https://api.gcore.com security: - APIKey: [] tags: - name: Account description: >- Account management operations including authentication, password management, and account details. x-displayName: Account - name: API Tokens description: >- Use permanent API tokens for regular automated requests to services. You can either set its validity period when creating it or issue a token for an unlimited time. Please address the API documentation of the specific product in order to check if it supports API tokens. Newer endpoints under `/v2/…` issue tokens using `_` (underscore) as the separator (for example `42_a1b2c3d4e5f6...`) and are the recommended way to create new tokens. Legacy endpoints that issue `$`-separated tokens are marked deprecated and will be removed on **2026-07-17**; tokens that were already issued keep authenticating. Provide your APIKey in the Authorization header. Example: ```curl -H "Authorization: APIKey 42_a1b2c3d4e5f6..." https://api.gcore.com/iam/users/me``` Please note: When authorizing via SAML SSO, our system does not have any information about permissions given to the user by the identity provider. Even if the provider revokes the user's access rights, their tokens remain active. Therefore, if necessary, the token will need to be deleted manually. x-displayName: API Tokens - name: Users x-displayName: Users paths: /iam/clients/{clientId}/tokens: post: tags: - API Tokens summary: Create API token description: >- **Deprecated:** This endpoint will be removed on **2026-07-17**. Use [`POST /v2/clients/{clientId}/tokens`](#operation/iamCreateApiTokenV2) instead. Create an API token in the current account. operationId: iamCreateApiToken parameters: - $ref: '#/components/parameters/ClientID' requestBody: content: application/json: schema: $ref: '#/components/schemas/Token-2' responses: '200': description: OK. content: application/json: schema: $ref: '#/components/schemas/CreateTokenResponse' '400': description: API token creation failed. content: application/json: schema: $ref: '#/components/schemas/CreateTokenError' deprecated: true components: parameters: ClientID: name: clientId in: path required: true description: Account ID. schema: type: integer schemas: Token-2: type: object required: - name - exp_date - client_user properties: name: type: string description: API token name. example: My token description: type: string description: API token description. example: It's my token exp_date: type: string description: >- Date when the API token becomes expired (ISO 8086/RFC 3339 format), UTC. If null, then the API token will never expire. example: '2021-01-01T12:00:00.000000Z' nullable: true client_user: type: object description: API token role. properties: role: $ref: '#/components/schemas/Group' CreateTokenResponse: allOf: - type: object properties: token: type: string description: >- API token. Copy it, because you will not be able to get it again. We do not store tokens. All responsibility for token storage and usage is on the issuer. - $ref: '#/components/schemas/TokenResponse' CreateTokenError: oneOf: - title: Invalid role type: object properties: errors: type: object description: The specified role does not exist. Please check the role name. example: errors: client_user: role: - 'Invalid role: RoleName' - title: You can't create an API token with the specified role. type: object properties: errors: type: object description: The specified role is higher than yours. Try using another role. example: errors: client_user: role: - Can't create token with role Administrators Group: type: object properties: id: type: integer example: 1 description: >- Group's ID: Possible values are: - 1 - Administrators* 2 - Users* 5 - Engineers* 3009 - Purge and Prefetch only (API+Web)* 3022 - Purge and Prefetch only (API) name: type: string example: Administrators description: Group's name. enum: - Users - Administrators - Engineers - Purge and Prefetch only (API) - Purge and Prefetch only (API+Web) TokenResponse: allOf: - $ref: '#/components/schemas/Token-2' - type: object required: - id - deleted - expired - created - client_user - last_usage properties: id: type: integer description: API token ID. example: 42 deleted: type: boolean example: false description: Deletion flag. If true, then the API token was deleted. expired: type: boolean description: |- Expiration flag. If true, then the API token has expired. When an API token expires it will be automatically deleted. example: false created: type: string description: >- Date when the API token was issued (ISO 8086/RFC 3339 format), UTC. example: '2021-01-01T12:00:00.000000Z' client_user: $ref: '#/components/schemas/ClientUser' last_usage: type: string description: >- Date when the API token was last used (ISO 8086/RFC 3339 format), UTC. example: '2021-01-01T12:00:00.000000Z' ClientUser: type: object description: API token role and issuer data. required: - deleted - user_id - user_name - user_email - client_id - role properties: deleted: type: boolean example: false description: Deletion flag. If true, then the API token was deleted. user_id: type: integer description: User's ID who issued the API token. example: 123 user_name: type: string description: User's name who issued the API token. example: John Doe user_email: type: string description: User's email who issued the API token. example: some@email.com client_id: type: integer description: Account's ID. example: 456 role: $ref: '#/components/schemas/Group' securitySchemes: APIKey: description: >- API key for authentication. Make sure to include the word `apikey`, followed by a single space and then your token. Example: `apikey 1234$abcdef` type: apiKey in: header name: Authorization ````