> ## Documentation Index
> Fetch the complete documentation index at: https://docs.surge.app/llms.txt
> Use this file to discover all available pages before exploring further.

# Create user token

> Provides a mechanism for having Surge create a signed token for embeds instead of signing with your own signing key.



## OpenAPI

````yaml POST /users/{user_id}/tokens
openapi: 3.1.1
info:
  title: Surge
  version: '1.0'
servers:
  - url: https://api.surge.app
security:
  - authorization: []
paths:
  /users/{user_id}/tokens:
    post:
      tags:
        - Tokens
      summary: Create a signed user token
      description: >-
        Provides a mechanism for having Surge create a signed token for embeds
        instead of signing with your own signing key.
      operationId: CreateToken
      parameters:
        - in: path
          name: user_id
          required: true
          schema:
            description: The user for which the token represents authentication.
            example: usr_01jymgdfrpec2asc5m0z3a6fr9
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TokenParams'
        required: true
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenResponse'
          description: Created token
        default:
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
          description: Error
      x-codeSamples:
        - lang: JavaScript
          source: >-
            import Surge from '@surgeapi/node';


            const client = new Surge({
              apiKey: process.env['SURGE_API_KEY'], // This is the default and can be omitted
            });


            const userTokenResponse = await
            client.users.createToken('usr_01jymgdfrpec2asc5m0z3a6fr9');


            console.log(userTokenResponse.token);
        - lang: Python
          source: |-
            import os
            from surge import Surge

            client = Surge(
                api_key=os.environ.get("SURGE_API_KEY"),  # This is the default and can be omitted
            )
            user_token_response = client.users.create_token(
                user_id="usr_01jymgdfrpec2asc5m0z3a6fr9",
            )
            print(user_token_response.token)
        - lang: Go
          source: "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\n\t\"github.com/stainless-sdks/surge-go\"\n\t\"github.com/stainless-sdks/surge-go/option\"\n)\n\nfunc main() {\n\tclient := surge.NewClient(\n\t\toption.WithAPIKey(\"My API Key\"),\n\t)\n\tuserTokenResponse, err := client.Users.NewToken(\n\t\tcontext.TODO(),\n\t\t\"usr_01jymgdfrpec2asc5m0z3a6fr9\",\n\t\tsurge.UserNewTokenParams{},\n\t)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\tfmt.Printf(\"%+v\\n\", userTokenResponse.Token)\n}\n"
        - lang: Ruby
          source: >-
            require "surge_api"


            surge = SurgeAPI::Client.new(api_key: "My API Key")


            user_token_response =
            surge.users.create_token("usr_01jymgdfrpec2asc5m0z3a6fr9")


            puts(user_token_response)
        - lang: PHP
          source: >-
            <?php


            require_once dirname(__DIR__) . '/vendor/autoload.php';


            use Surge\Client;

            use Surge\Core\Exceptions\APIException;


            $client = new Client(apiKey: getenv('SURGE_API_KEY') ?: 'My API
            Key');


            try {
              $userTokenResponse = $client->users->createToken(
                'usr_01jymgdfrpec2asc5m0z3a6fr9', durationSeconds: 900
              );

              var_dump($userTokenResponse);
            } catch (APIException $e) {
              echo $e->getMessage();
            }
components:
  schemas:
    TokenParams:
      description: A request to create a token
      example:
        duration_seconds: 900
      properties:
        duration_seconds:
          description: >-
            For how many seconds the token should be accepted. Defaults to 15
            minutes.
          example: 900
          maximum: 3600
          minimum: 15
          type: integer
      title: TokenParams
      type: object
    TokenResponse:
      description: Response when token has been created successfully
      example:
        token: >-
          eyJhbGciOiJFZERTQSIsImtpZCI6InNnbl8wMWp5bWowZ3AwZjNidmJmMmpyazRoYnd0ayIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3NTA4ODkyMDgsInN1YiI6InVzcl8wMWp5bWdkZnJwZWMyYXNjNW0wejNhNmZyOSJ9.zKayo3EDrUm1Hw8URrofuYwajgyTu6dH2H0FEuRExprP1IV66FHa8wC3SfdzV7sR3AjDGAwkuAXztScq6rBnBw
      properties:
        token:
          description: The created token.
          type: string
      title: TokenResponse
      type: object
    ErrorResponse:
      description: An error response
      example:
        error:
          message: The requested resource could not be found.
          type: not_found
      properties:
        error:
          $ref: '#/components/schemas/Error'
      required:
        - error
      title: ErrorResponse
      type: object
    Error:
      description: An error response
      example:
        message: The requested resource was not found.
        type: not_found
      properties:
        detail:
          additionalProperties: true
          description: Additional details about the error.
          type: object
        message:
          description: A human-readable error message.
          example: The requested resource was not found.
          type: string
        type:
          description: A unique error code.
          example: not_found
          type: string
      required:
        - type
        - message
      title: Error
      type: object
  securitySchemes:
    authorization:
      bearerFormat: Surge API token
      scheme: bearer
      type: http

````