> ## Documentation Index
> Fetch the complete documentation index at: https://docs.routemcp.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Create end-user-scoped connect session token (called by customer backend)

> Called by the **customer's backend** (not the browser) to create a short-lived, end-user-scoped session token for the Connect widget. Authenticate with your API key (`Authorization: Bearer sk_live_*`). The `endUserId` field is **required** — it identifies which end user is connecting a provider. The returned `token` is passed to `RouteMCPConnect.open({ token })` on the frontend. Tokens expire in 10 minutes.



## OpenAPI

````yaml /api-reference/openapi.json post /connect/token
openapi: 3.0.0
info:
  title: RouteMCP API
  description: >-
    Unified API for integrations. Connect to multiple providers through a single
    API.
  version: '1.0'
  contact: {}
servers:
  - url: https://api.routemcp.io/api/v1
    description: Production
security:
  - bearerAuth: []
tags: []
paths:
  /connect/token:
    post:
      tags:
        - Connect
      summary: >-
        Create end-user-scoped connect session token (called by customer
        backend)
      description: >-
        Called by the **customer's backend** (not the browser) to create a
        short-lived, end-user-scoped session token for the Connect widget.
        Authenticate with your API key (`Authorization: Bearer sk_live_*`). The
        `endUserId` field is **required** — it identifies which end user is
        connecting a provider. The returned `token` is passed to
        `RouteMCPConnect.open({ token })` on the frontend. Tokens expire in 10
        minutes.
      operationId: ConnectTokenController_createConnectToken
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateConnectTokenDto'
            example:
              endUserId: user-123
              endUserDisplayName: Jane Doe
              endUserEmail: jane@example.com
      responses:
        '201':
          description: >-
            Connect token created successfully. Pass the `token` to
            `RouteMCPConnect.open({ token })` in the browser.
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: object
                    properties:
                      token:
                        type: string
                        description: Short-lived connect token to pass to the Connect SDK
                        example: ct_a1b2c3d4e5f6...
                      expiresAt:
                        type: string
                        format: date-time
                        description: ISO 8601 expiry timestamp (10 minutes from creation)
                        example: '2026-03-11T12:10:00.000Z'
                    required:
                      - token
                      - expiresAt
                required:
                  - data
              example:
                data:
                  token: ct_a1b2c3d4e5f6...
                  expiresAt: '2026-03-11T12:10:00.000Z'
        '422':
          description: Validation Errors.
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                    enum:
                      - false
                    example: false
                  statusCode:
                    type: integer
                    example: 400
                    default: 400
                  message:
                    type: string
                    example: Validation Errors.
                    default: Validation Errors.
                  errors:
                    type: object
                    additionalProperties:
                      type: string
                    example:
                      email: email should not be empty
                  timestamp:
                    type: string
                    format: date-time
                    example: '2026-02-06T12:00:00.000Z'
                  path:
                    type: string
                    example: /api/v1/example
                required:
                  - success
                  - statusCode
                  - message
                  - errors
                  - timestamp
                  - path
        '429':
          description: Rate limit exceeded.
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                    enum:
                      - false
                    example: false
                  statusCode:
                    type: integer
                    example: 429
                    default: 429
                  message:
                    type: string
                    example: Too Many Requests
                    default: Too Many Requests
                  timestamp:
                    type: string
                    format: date-time
                    example: '2026-02-06T12:00:00.000Z'
                  path:
                    type: string
                    example: /api/v1/example
                required:
                  - success
                  - statusCode
                  - message
                  - timestamp
                  - path
        '500':
          description: Internal server error
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                    enum:
                      - false
                    example: false
                  statusCode:
                    type: integer
                    example: 500
                    default: 500
                  message:
                    type: string
                    example: Internal server error.
                    default: Internal server error.
                  timestamp:
                    type: string
                    format: date-time
                    example: '2026-02-06T12:00:00.000Z'
                  path:
                    type: string
                    example: /api/v1/example
                required:
                  - success
                  - statusCode
                  - message
                  - timestamp
                  - path
      security:
        - bearerAuth: []
components:
  schemas:
    CreateConnectTokenDto:
      type: object
      properties:
        endUserId:
          type: string
          description: >-
            **Required.** Your internal ID for this end user. Used to scope
            connections and create/upsert the end_users record. Must be unique
            per user in your system.
          example: user-123
        endUserDisplayName:
          type: string
          description: Optional display name shown in the Connect widget header.
          example: Jane Doe
        endUserEmail:
          type: string
          description: Optional email address for the end user.
          example: jane@example.com
      required:
        - endUserId
      title: Connect Token
  securitySchemes:
    bearerAuth:
      type: apiKey
      in: header
      name: Authorization
      description: >-
        Enter your API key with the Bearer prefix — e.g. Bearer sk_live_xxx
        (production) or Bearer sk_test_xxx (sandbox)

````