Skip to main content
Only a super Admin user is allowed to proceed with this flow.Make sure to either:
  • Send a valid Authorization header with of type Bearer TOKEN_VALUE where TOKEN_VALUE is the token generated for the super admin.
  • In case your app supports cookie, you can enable request cookies as our API Automatically sets a cookie named session-token which is forwarded with each request to our api.
To create a machine or service user who can access the API programmatically, you would need to make a POST request to the following endpoint: 
curl --request POST \
  --url https://dev-iam.razi.ai/v1/authorization/machine-users \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN' \
  --header 'Content-Type: application/json' \
  --header 'X-App-Name: ' \
  --data '{
  "userName": "robot"
}'
Upon successful creation of the machine user, you will receive a response similar to the below: 
{
    "machineUserId": "280719066056893738",
    "clientId": "example-client-id",
    "clientSecret": "zNUTk6frtcdrpEbRiOYx3lGjZpou1oRGVxt40SUj2qkBzUVh8gybTmOObmFvDPKw"
}
Use the clientId and clientSecret generated to generate the access token for the machine user to authenticate and access the services. Store the secrets in a safe and secure place as you will not be able to retrieve them after.
Please note that the client secrets should be unique to each application. Each application should generate its own set of client secret.
Link to Playground