Ctrl+K

Create access token

post/api/v2/user/accesstoken

Create an access token to use BitGo APIs. Access tokens in the production environment are restricted to specific IP addresses, but access tokens for the test environment are not. If you omit a spending limit, you must unlock the token using the Unlock session endpoint on a regular basis to permit operations such as withdrawals. Therefore, BitGo recommends including a spending limit.

Request Body

scopeOne of
The permissions granted by this access token.
Allowed values: openid openid_enterprises profile user_manage enterprise_view_all enterprise_manage_all wallet_view wallet_view_enterprise wallet_view_all wallet_create wallet_freeze wallet_freeze_all wallet_manage wallet_manage_all wallet_approve wallet_approve_all wallet_spend wallet_spend_all wallet_edit wallet_edit_all wallet_stake wallet_stake_all wallet_edit_enterprise wallet_spend_enterprise wallet_approve_enterprise wallet_manage_enterprise settlement_network_read settlement_network_write portfolio_view trade_view trade_trade pending_approval_update metamask_institutional crypto_compare third_party_user_lookup private_verify_email all
duration number
The duration of the access token in seconds.
label string required
A label for the access token.
admin boolean
True, if this access token has admin permissions.
ipRestrict
array[string] or null
Restricts the access token to use only from the provided IP addresses. Required for access tokens in the production environment. Not required for access tokens in the test environment.
enterprise string
The enterprise ID that the user belongs to.
spendingLimits array[object]
coin string required
A cryptocurrency symbol or token ticker symbol
Example: btc
maxLimit boolean
txValueLimitOne ofrequired
allErc20TokensLimit object
enabled boolean
maxLimit boolean
txValueLimitOne of

200 Response

id string required
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
isExtensible boolean required
bitgoAdminPermissions array[string]
client string
created string <date-time>
enterprise string
expires string <date-time>
extensionAddress string
ip string <ipv4>
IP address of the client that requested this access token
Example: 127.0.0.1
ipRestrict array[string]
IP addresses of clients that are allowed to use this token
label string
origin string
BitGo environment that issued this token
Example: test.bitgo.com
token string
scope array[string]
Session permissions
Example: ["crypto_compare","user_manage","openid","profile","wallet_create","wallet_manage_all","wallet_approve_all","wallet_spend_all","wallet_edit_all","wallet_view_all"]
unlock object
spendingLimits object
allErc20TokensLimit object
expires string <date-time>
time string <date-time>
txCount number
txValue number
txValueLimit number
user string
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$

400 Response

name string
Error code
context object required
Properties that apply to a specific error name
error string required
Human-readable error message
requestId string required
Client request id