Signup Tokens

Signup Tokens are used as temporary references to User data that can be either used to create a User or discarded. They are useful for workflows where a user begins a signup process, but one or more additional steps must be completed before the signup is finalized, such as validating payment information. Discarding a Signup Token is easier than tracking and deleting an actual User object.

Multiple Signup Tokens for a given user may exist at once, even though only one can eventually be converted into a User. This simplifies form resubmittals or similar parts of the signup workflow.

Signup Tokens were formerly called User Tokens, which is the reason for legacy references to user_token below. Despite the legacy naming, thinking about them using the current terminology will be helpful in understanding their purpose and use.

Fields

FieldValueReq/DefaultNotes
id id Auto-generated

Signup Token ID. Always starts with “utk_”. Example: utk_USkWvq7fl3LlYPKvqtxBq

username string Required Must be unique within Realm.
email string Required Optional if Realm uses emails for usernames.
first_name string Optional
last_name string Optional
password string Required
password_confirmation string Optional
credential_type string Auto-generated Type of credential stored with the Signup Token
realm_id realm_id Required

Permissions

MethodPermissions
Get read
Create write

Get a signup token

Retrieve a signup token.

Request

Example
GET /v1/user_tokens/:token_id
AuthRocket::UserToken.find 'utk_0v6O8c6RsC9A5e2Fa9n5WX'

Response

Example

Status: 200

{ "id" : "utk_0v6O8c6RsC9A5e2Fa9n5WX",
  "first_name" : null,
  "last_name" : null,
  "email" : "sally@example.com",
  "username" : "sally",
  "object" : "user_token",
  "credential_type" : "password"
}
#<AuthRocket::UserToken:0x3fc218979018>
  id: "utk_0v6O8c6RsC9A5e2Fa9n5WX",
  attribs: {
    "username"=>"sally",
    "email"=>"sally@example.com",
    "first_name"=>nil,
    "last_name"=>nil,
    "object"=>"user_token",
    "credential_type"=>"password"
  }

Create a signup token

Create a new signup token.

Request

Example
POST /v1/user_tokens
{ "user_token" :
  { "realm_id" : "rl_0v2FcFcZnv8qpG1XWoyN9P",
    "username" : "sally",
    "email" : "sally@example.com",
    "password" : "secret",
    "password_confirmation" : "secret"
  }
}
token = AuthRocket::UserToken.create!(
  username: 'sally',
  email: 'sally@example.com',
  password: 'secret',
  password_confirmation: 'secret',
  realm_id: 'rl_0v2FcFcZnv8qpG1XWoyN9P'
)

Response

Example

Status: 201, with same body as Get a Signup Token.

On success, returns same object as Get a Signup Token.

On failure, returns an object without an id, but with errors:

# => #<AuthRocket::UserToken:0x3fde5fa18df8> id: nil, ...
token.errors?
# => true
token.valid?
# => false
token.errors
# => ["Username can't be blank"]

Questions? Find a Typo? Get in touch.