Exchange a service token for an app token

GET 
/api/auth/token/:accountShortGuid

Validates the service token from the Authorization header against the specified account, then issues a new JWT app token and refresh token pair. The service token must be active and associated with the given account. Requires the service role.

Request

Responses

200

Returns the JWT app token and refresh token.

401

Authentication failed — the service token is missing, invalid, or inactive.

404

The account or service token was not found.

500

An unexpected server error occurred.