Reissue Token
POST
/api/canvas/{deal_id}/token/reissue
const url = 'https://example.com/api/canvas/example/token/reissue';const options = {method: 'POST'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example.com/api/canvas/example/token/reissueReissue a fresh token from an expired one.
Unlike /token/refresh, this accepts EXPIRED tokens. The token’s signature is still verified to prove it was legitimately issued by this service. User access is re-verified via the deal queue or Canvas session.
Security model:
- Signature verification proves token authenticity (rejects forged tokens)
- Deal queue lookup proves user is authorized for the deal
- Canvas session fallback verifies the session creator
Args: deal_id: Deal ID the token should be scoped to
Returns: {“token”: “<new_jwt>”, “expires_in_minutes”: 480}
Raises: 401: Token signature invalid, missing, or user not authorized 403: Token’s deal_id doesn’t match the path
Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ” deal_id
required
Deal Id
string
Responses
Section titled “ Responses ”Successful Response
Media type application/json
RefreshTokenResponse
Response from token refresh / reissue / superadmin-token endpoints.
object
token
required
Token
string
expires_in_minutes
required
Expires In Minutes
integer
Example generated
{ "token": "example", "expires_in_minutes": 1}Validation Error
Media type application/json
HTTPValidationError
object
detail
Detail
Array<object>
ValidationErrorobject
loc
required
Location
Array
msg
required
Message
string
type
required
Error Type
string
input
Input
ctx
Context
object
Example generated
{ "detail": [ { "loc": [ "example" ], "msg": "example", "type": "example", "input": "example", "ctx": {} } ]}