> ## Documentation Index > Fetch the complete documentation index at: https://docs.corbado.com/llms.txt > Use this file to discover all available pages before exploring further. # Create a connectToken > Creates a new ConnectToken, which is essential for [Corbado Connect](/corbado-connect). ConnectTokens authorize actions that modify user data. Consult the [Documentation](/corbado-connect/concepts/connect-token) for more details. ## OpenAPI ````yaml https://backendapi.cloud.corbado.io/v2/openapi.yaml post /connectTokens openapi: 3.0.3 info: version: 2.0.0 title: Corbado Backend API description: > # Introduction This documentation gives an overview of all Corbado Backend API calls to implement passwordless authentication with Passkeys. contact: name: Corbado team email: support@corbado.com url: https://www.corbado.com servers: - url: https://backendapi.corbado.io/v2 security: - basicAuth: [] tags: - name: Users description: All API calls to manage users - name: Sessions description: All API calls to manage sessions - name: Challenges description: All API calls to manage challenges - name: Identifiers description: All API calls to manage login identifiers - name: Passkeys description: All API calls for passkey flows - name: SSO description: All API calls for SSO flows - name: AuthEvents description: All API calls to manage authentication events - name: PasskeyEvents description: All API calls to manage passkey events - name: ProjectConfig description: All API calls to manage project configurations - name: ConnectTokens description: All API calls to manage connectTokens - name: PasskeyChallenges description: All API calls to manage passkey challenges - name: WebhookEndpoints description: All API calls to manage webhook endpoints - name: PasswordManagers description: All API calls to manage password managers - name: ClientEnvs description: All API calls to manage client environments - name: Devices description: All API calls to manage devices - name: Exports description: All API calls to manage project export files paths: /connectTokens: post: tags: - ConnectTokens summary: Create a connectToken description: > Creates a new ConnectToken, which is essential for [Corbado Connect](/corbado-connect). ConnectTokens authorize actions that modify user data. Consult the [Documentation](/corbado-connect/concepts/connect-token) for more details. operationId: ConnectTokenCreate requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/connectTokenCreateReq' responses: '200': description: ConnectToken has been created. content: application/json: schema: $ref: '#/components/schemas/connectToken' default: $ref: '#/components/responses/error' security: - basicAuth: [] components: schemas: connectTokenCreateReq: type: object required: - type - data properties: type: $ref: '#/components/schemas/connectTokenType' data: $ref: '#/components/schemas/connectTokenData' maxLifetimeInSeconds: type: integer description: Maximum lifetime of the connectToken in seconds. example: 3600 connectToken: type: object required: - id - tokenType - data - connectTokenStatus - expires properties: id: type: string description: Unique identifier of the connectToken. example: ctk-940364795071150919 tokenType: $ref: '#/components/schemas/connectTokenType' data: $ref: '#/components/schemas/connectTokenData' connectTokenStatus: $ref: '#/components/schemas/connectTokenStatus' secret: type: string description: Secret of the connectToken. example: ctk1_sxmexzS7RFBaJSA4V4kBFPs45bkxMK expires: type: integer description: >- Unix time of when the connectToken expires (in seconds elapsed since January 1, 1970, 00:00:00 UTC). example: 1752749184 connectTokenType: type: string enum: - passkey-append - passkey-delete - passkey-list - passkey-login connectTokenData: type: object oneOf: - $ref: '#/components/schemas/connectTokenDataPasskeyAppend' - $ref: '#/components/schemas/connectTokenDataPasskeyDelete' - $ref: '#/components/schemas/connectTokenDataPasskeyList' - $ref: '#/components/schemas/connectTokenDataPasskeyLogin' connectTokenStatus: type: string enum: - initial - consumed connectTokenDataPasskeyAppend: type: object description: Data for `passkey-append`. required: - displayName - identifier properties: displayName: type: string description: Display name of the user. example: Jane Doe identifier: type: string description: Login identifier of the user (here email address). example: jane@doe.com connectTokenDataPasskeyDelete: type: object description: Data for `passkey-delete`. required: - identifier properties: identifier: type: string description: Login identifier of the user (here email address). example: jane@doe.com connectTokenDataPasskeyList: type: object description: Data for `passkey-list`. required: - identifier properties: identifier: type: string description: Login identifier of the user (here email address). example: jane@doe.com connectTokenDataPasskeyLogin: type: object description: Data for `passkey-login`. required: - identifier properties: identifier: type: string description: Login identifier of the user (here email address). example: jane@doe.com responses: error: description: Error content: application/json: schema: allOf: - type: object required: - httpStatusCode - message - requestData - runtime properties: httpStatusCode: description: HTTP status code of operation type: integer format: int32 message: type: string example: OK requestData: description: Data about the request itself, can be used for debugging type: object required: - requestID properties: requestID: description: >- Unique ID of request, you can provide your own while making the request, if not the ID will be randomly generated on server side type: string example: req-557...663 link: description: Link to dashboard with details about request type: string example: >- https://my.corbado.com/requests/req-xxxxxxxxxxxxxxxxxxx runtime: description: Runtime in seconds for this request type: number format: float example: 0.06167686 - type: object required: - error properties: data: type: object error: type: object required: - type properties: type: description: Type of error type: string details: description: Details of error type: string validation: description: Validation errors per field type: array items: type: object required: - field - message properties: field: type: string message: type: string links: description: Additional links to help understand the error type: array items: type: string securitySchemes: basicAuth: type: http scheme: basic description: > Basic authentication is used to authenticate requests to the Backend API. The username is the project ID and the password is the API secret. The project ID and API secret can be found in the [Developer Panel](https://app.corbado.com/settings/api-secrets). ````