Table of Contents

Method CreateSubtoken

Namespace
GuildWars2.Authorization
Assembly
GW2SDK.dll

CreateSubtoken(string, IEnumerable<Permission>?, DateTimeOffset?, IEnumerable<string>?, MissingMemberBehavior, CancellationToken)

Creates a new access token with the specified permissions, expiration and URL restrictions. If the parent token is an API key, the subtoken will inherit the permissions of the API key. The subtoken will always have an expiration date and optionally more restricted permissions. If the parent token is also a subtoken, the new subtoken will inherit the restrictions of the old subtoken.

[Obsolete("Use the overload with IEnumerable<Uri> allowedUrls instead.")]
public Task<(CreatedSubtoken Value, MessageContext Context)> CreateSubtoken(string accessToken, IEnumerable<Permission>? permissions = null, DateTimeOffset? absoluteExpirationDate = null, IEnumerable<string>? allowedUrls = null, MissingMemberBehavior missingMemberBehavior = MissingMemberBehavior.Error, CancellationToken cancellationToken = default)

Parameters

accessToken string

An API key or subtoken. If it is a subtoken, it must have permission to use /v2/createsubtoken.

permissions IEnumerable<Permission>

Optional permission restrictions. The final token permissions will be an intersection of this list and the parent token's permissions. It's possible to create a subtoken without the Account permission, but they are practically useless.

absoluteExpirationDate DateTimeOffset?

The expiration date of the new subtoken. If none is specified, the default lifetime is 30 days. If the parent token is an API key, the lifetime cannot exceed 365 days. If the parent token is a subtoken, its lifetime cannot be exceeded.

allowedUrls IEnumerable<string>

A list of API endpoints which may be accessed with the subtoken. For example, '/v2/account'. Case-sensitive. By default, all endpoints are allowed. If an allowlist is given, any URL not in the list will be forbidden. Only full path matches are allowed. For example, '/v2/account' does not allow access to '/v2/account/wallet'. Wildcards are also not supported. For example, you can't allow wildcard access to '/v2/characters/:id'.

missingMemberBehavior MissingMemberBehavior

The desired behavior when JSON contains unexpected members.

cancellationToken CancellationToken

A token to cancel the request.

Returns

Task<(CreatedSubtoken Value, MessageContext Context)>

A task that represents the API request.

Remarks

A subtoken expires immediately when the API key it was created from is deleted.

CreateSubtoken(string, IEnumerable<Permission>?, DateTimeOffset?, IEnumerable<Uri>?, MissingMemberBehavior, CancellationToken)

Creates a new access token with the specified permissions, expiration and URL restrictions. If the parent token is an API key, the subtoken will inherit the permissions of the API key. The subtoken will always have an expiration date and optionally more restricted permissions. If the parent token is also a subtoken, the new subtoken will inherit the restrictions of the old subtoken.

public Task<(CreatedSubtoken Value, MessageContext Context)> CreateSubtoken(string accessToken, IEnumerable<Permission>? permissions = null, DateTimeOffset? absoluteExpirationDate = null, IEnumerable<Uri>? allowedUrls = null, MissingMemberBehavior missingMemberBehavior = MissingMemberBehavior.Error, CancellationToken cancellationToken = default)

Parameters

accessToken string

An API key or subtoken. If it is a subtoken, it must have permission to use /v2/createsubtoken.

permissions IEnumerable<Permission>

Optional permission restrictions. The final token permissions will be an intersection of this list and the parent token's permissions. It's possible to create a subtoken without the Account permission, but they are practically useless.

absoluteExpirationDate DateTimeOffset?

The expiration date of the new subtoken. If none is specified, the default lifetime is 30 days. If the parent token is an API key, the lifetime cannot exceed 365 days. If the parent token is a subtoken, its lifetime cannot be exceeded.

allowedUrls IEnumerable<Uri>

A list of API endpoints which may be accessed with the subtoken. For example, '/v2/account'. Case-sensitive. By default, all endpoints are allowed. If an allowlist is given, any URL not in the list will be forbidden. Only full path matches are allowed. For example, '/v2/account' does not allow access to '/v2/account/wallet'. Wildcards are also not supported. For example, you can't allow wildcard access to '/v2/characters/:id'.

missingMemberBehavior MissingMemberBehavior

The desired behavior when JSON contains unexpected members.

cancellationToken CancellationToken

A token to cancel the request.

Returns

Task<(CreatedSubtoken Value, MessageContext Context)>

A task that represents the API request.

Remarks

A subtoken expires immediately when the API key it was created from is deleted.

Edit this page