Skip to content

Generate Autograb SSO token

POST
/api/v1/autograb/tokens
curl --request POST \
--url https://dashboard.dealerstudio.com.au/api/v1/autograb/tokens \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{ "email": "example" }'

Called server-to-server by Autograb when a user clicks “Sign in with Autograb”. DS looks up the user by email, generates a short-lived opaque token, stores it in Redis with a 10-minute TTL, and returns a redirect_url for AG to send the user’s browser to. Requires the create:autograb_token permission.

Media type application/json
object
email
required

Email address of the Autograb user

string
Example generated
{
"email": "example"
}

Token generated — redirect_url ready for browser redirect

Media type application/json
object
redirect_url
required

Full URL for AG to redirect the user’s browser to

string
expires_at
required

ISO8601 expiry timestamp

string format: date-time
Example generated
{
"redirect_url": "example",
"expires_at": "2026-04-15T12:00:00Z"
}

Email param missing

Media type application/json
object
error
string
Example
{
"error": "email_required"
}

Unauthorized - invalid API key

Forbidden - missing create:autograb_token permission

No DS account for this email

Media type application/json
object
error
string
Example
{
"error": "no_ds_account"
}