Ctrl+K

Create access token

post/api/v1/user/accesstoken

Create an access token to use BitGo APIs. Access tokens in the production environment are restricted to specific IP addresses, but access tokens for the test environment are not. If you omit a spending limit, you must unlock the token using the Unlock session endpoint on a regular basis to permit operations such as withdrawals. Therefore, BitGo recommends including a spending limit.

Request Body

scopeOne of
The permissions granted by this access token. - `all` - Access all actions in the test environment. - `crypto_compare` - Call CryptoCompare API. - `enterprise_manage_all` - Manage users and settings for any enterprise to which the user belongs. - `enterprise_view_all` - View any enterprise to which the user belongs. - `metamask_institutional` - [DEPRECATED] Enables using BitGo wallets in the MetaMask Institutional extension. - `openid` - Verify your BitGo user ID using OpenID Connect. - `pending_approval_update` - Approve or reject pending actions that require approval to proceed. - `portfolio_view` - [DEPRECATED] Call the Portfolio API. - `profile` - View your BitGo Profile. - `settlement_network_read` - View your client's Go Network data, enabling allocations to and from your platform. Only for Go Network partners. - `settlement_network_write` - Update your client's Go Network data, enabling allocations to and from your platform. Only for Go Network partners. - `trade_trade` - Initiate trades. - `trade_view` - View trades. - `wallet_approve` - Approve policies and transactions for a wallet where the user is a wallet admin. - `wallet_approve_all` - Approve transactions for any wallet where the user is a wallet admin within any enterprise to which the user belongs. - `wallet_approve_enterprise` - Approve transactions for any wallet where the user is a wallet admin within a single enterprise. - `wallet_create` - Create wallets. - `wallet_edit` - Edit comments on a transfer. - `wallet_edit_all` - Edit comments on all transfers within multiple enterprises. - `wallet_edit_enterprise` - [DEPRECATED] Edit comments on all transfers within a single enterprise. - `wallet_freeze` - Freeze a wallet. - `wallet_freeze_all` - Freeze any wallet within any enterprises to which the user belongs. - `wallet_manage` - Manage settings for a wallet where the user is a wallet admin. - `wallet_manage_all` - Manage settings for any wallet where the user is a wallet admin within any enterprise to which the user belongs. - `wallet_manage_enterprise` - Manage settings for any wallet where the user is a wallet admin within a single enterprise. - `wallet_spend` - Initiate transactions from a wallet. - `wallet_spend_all` - Initiate transactions from any wallet within any enterprise to which the user belongs. - `wallet_spend_enterprise` - Initiate transactions from any wallet within a single enterprise. - `wallet_stake` - Initiate staking transactions from a wallet. - `wallet_stake_all` - Initiate staking transactions from any wallet within any enterprise to which the user belongs. - `wallet_view` - View a wallet. - `wallet_view_all` - View any wallet within any enterprise to which the user belongs. - `wallet_view_enterprise` - View any wallet within a single enterprise.
Allowed values: openid openid_enterprises profile user_manage enterprise_view_all enterprise_manage_all wallet_view wallet_view_enterprise wallet_view_all wallet_create wallet_freeze wallet_freeze_all wallet_manage wallet_manage_all wallet_approve wallet_approve_all wallet_spend wallet_spend_all wallet_edit wallet_edit_all wallet_stake wallet_stake_all wallet_edit_enterprise wallet_spend_enterprise wallet_approve_enterprise wallet_manage_enterprise settlement_network_read settlement_network_write portfolio_view trade_view trade_trade pending_approval_update metamask_institutional crypto_compare third_party_user_lookup private_verify_email scim all
duration number
The duration of the access token in seconds.
label string required
A label for the access token.
otp string required
The one-time password.
admin boolean
True, if this access token has admin permissions.
ipRestrict
array[string] or null
Restricts the access token to use only from the provided IP addresses. Required for access tokens in the production environment. Not required for access tokens in the test environment.
enterprise string
The enterprise ID that the user belongs to.
spendingLimits array[object]
coin string required
A cryptocurrency symbol or token ticker symbol
Example: btc
maxLimit boolean
txValueLimitOne ofrequired
allErc20TokensLimit object
enabled boolean
maxLimit boolean
txValueLimitOne of

200 Response

id string required
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
isExtensible boolean required
bitgoAdminPermissions array[string]
client string
created string <date-time>
enterprise string
expires string <date-time>
extensionAddress string
ip string <ipv4>
IP address of the client that requested this access token
Example: 127.0.0.1
ipRestrict array[string]
IP addresses or CIDR block of clients that are allowed to use this token
label string
origin string
BitGo environment that issued this token
Example: test.bitgo.com
token string
scope array[string]
Session permissions
Example: ["crypto_compare","user_manage","openid","profile","wallet_create","wallet_manage_all","wallet_approve_all","wallet_spend_all","wallet_edit_all","wallet_view_all"]
unlock object
spendingLimits dictionary<string, object>
allErc20TokensLimit object
expires string <date-time>
time string <date-time>
txCount number
txValue number
txValueLimit number
user string
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
oauth object
oauthRequired boolean
expires string <date-time>
isMobileAccessToken boolean
Flag indicating if this token was created via mobile session endpoint

400 Response

name string
Error code
context object required
Properties that apply to a specific error name
error string required
Human-readable error message
requestId string required
Client request id