cURL
curl -X GET "https://production.runalloy.com/users/{userId}/token?userId={{userId}}" \
-H "Authorization: bearer YOUR_API_KEY" \
-H "x-api-version: 2025-09"import requests
url = "https://production.runalloy.com/users/{userId}/token"
params = {"userId": "{{userId}}"}
headers = {
"Authorization": "bearer YOUR_API_KEY",
"x-api-version": "2025-09"
}
response = requests.get(url, params=params, headers=headers)
print(response.json())const userId = "{{userId}}";
const url = `https://production.runalloy.com/users/${userId}/token?userId=${userId}`;
fetch(url, {
method: "GET",
headers: {
"Authorization": "bearer YOUR_API_KEY",
"x-api-version": "2025-09"
}
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error("Error:", error));<?php
$userId = "{{userId}}";
$url = "https://production.runalloy.com/users/{$userId}/token?userId=" . urlencode($userId);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
"Authorization: bearer YOUR_API_KEY",
"x-api-version: 2025-09"
]);
$response = curl_exec($ch);
curl_close($ch);
$data = json_decode($response, true);
print_r($data);
?>package main
import (
"encoding/json"
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
userId := "{{userId}}"
baseURL := "https://production.runalloy.com/users/" + userId + "/token"
params := url.Values{}
params.Add("userId", userId)
fullURL := baseURL + "?" + params.Encode()
req, _ := http.NewRequest("GET", fullURL, nil)
req.Header.Set("Authorization", "bearer YOUR_API_KEY")
req.Header.Set("x-api-version", "2025-09")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
var data map[string]interface{}
json.Unmarshal(body, &data)
fmt.Println(data)
}import java.net.HttpURLConnection;
import java.net.URL;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import com.google.gson.Gson;
import java.util.Map;
public class Example {
public static void main(String[] args) throws Exception {
String userId = "{{userId}}";
String baseUrl = "https://production.runalloy.com/users/" + userId + "/token";
String urlString = baseUrl + "?userId=" + java.net.URLEncoder.encode(userId, "UTF-8");
URL url = new URL(urlString);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Authorization", "bearer YOUR_API_KEY");
conn.setRequestProperty("x-api-version", "2025-09");
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String inputLine;
StringBuilder response = new StringBuilder();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
Gson gson = new Gson();
Map<String, Object> data = gson.fromJson(response.toString(), Map.class);
System.out.println(data);
}
}require 'net/http'
require 'json'
require 'uri'
userId = "{{userId}}"
base_url = "https://production.runalloy.com/users/#{userId}/token"
uri = URI(base_url)
params = { userId: userId }
uri.query = URI.encode_www_form(params)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Get.new(uri)
request['Authorization'] = 'bearer YOUR_API_KEY'
request['x-api-version'] = '2025-09'
response = http.request(request)
data = JSON.parse(response.body)
puts data{
"token": "XXXXXXXXXXXXXX.YYYYYYYYYYYYYY.ZZZZZZZZZZZZZZ"
}Authentication
Generate JWT Token
This endpoint is used to generate a new user token in the form of a JSON Web Token (JWT) which is required to securely render the Embedded Modal in your application. Once retrieved, you’ll want to pass this token to your frontend.
GET
/
users
/
{userId}
/
token
cURL
curl -X GET "https://production.runalloy.com/users/{userId}/token?userId={{userId}}" \
-H "Authorization: bearer YOUR_API_KEY" \
-H "x-api-version: 2025-09"import requests
url = "https://production.runalloy.com/users/{userId}/token"
params = {"userId": "{{userId}}"}
headers = {
"Authorization": "bearer YOUR_API_KEY",
"x-api-version": "2025-09"
}
response = requests.get(url, params=params, headers=headers)
print(response.json())const userId = "{{userId}}";
const url = `https://production.runalloy.com/users/${userId}/token?userId=${userId}`;
fetch(url, {
method: "GET",
headers: {
"Authorization": "bearer YOUR_API_KEY",
"x-api-version": "2025-09"
}
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error("Error:", error));<?php
$userId = "{{userId}}";
$url = "https://production.runalloy.com/users/{$userId}/token?userId=" . urlencode($userId);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
"Authorization: bearer YOUR_API_KEY",
"x-api-version: 2025-09"
]);
$response = curl_exec($ch);
curl_close($ch);
$data = json_decode($response, true);
print_r($data);
?>package main
import (
"encoding/json"
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
userId := "{{userId}}"
baseURL := "https://production.runalloy.com/users/" + userId + "/token"
params := url.Values{}
params.Add("userId", userId)
fullURL := baseURL + "?" + params.Encode()
req, _ := http.NewRequest("GET", fullURL, nil)
req.Header.Set("Authorization", "bearer YOUR_API_KEY")
req.Header.Set("x-api-version", "2025-09")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
var data map[string]interface{}
json.Unmarshal(body, &data)
fmt.Println(data)
}import java.net.HttpURLConnection;
import java.net.URL;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import com.google.gson.Gson;
import java.util.Map;
public class Example {
public static void main(String[] args) throws Exception {
String userId = "{{userId}}";
String baseUrl = "https://production.runalloy.com/users/" + userId + "/token";
String urlString = baseUrl + "?userId=" + java.net.URLEncoder.encode(userId, "UTF-8");
URL url = new URL(urlString);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Authorization", "bearer YOUR_API_KEY");
conn.setRequestProperty("x-api-version", "2025-09");
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String inputLine;
StringBuilder response = new StringBuilder();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
Gson gson = new Gson();
Map<String, Object> data = gson.fromJson(response.toString(), Map.class);
System.out.println(data);
}
}require 'net/http'
require 'json'
require 'uri'
userId = "{{userId}}"
base_url = "https://production.runalloy.com/users/#{userId}/token"
uri = URI(base_url)
params = { userId: userId }
uri.query = URI.encode_www_form(params)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Get.new(uri)
request['Authorization'] = 'bearer YOUR_API_KEY'
request['x-api-version'] = '2025-09'
response = http.request(request)
data = JSON.parse(response.body)
puts data{
"token": "XXXXXXXXXXXXXX.YYYYYYYYYYYYYY.ZZZZZZZZZZZZZZ"
}Headers
The version of the API to use. The current API version is 2025-09.
Query Parameters
The Id of the user you want to lookup. Returned from the Create User endpoint. Note: you can also use the Embedded user's username in this field.
Response
200 - application/json
200
Example:
"XXXXXXXXXXXXXX.YYYYYYYYYYYYYY.ZZZZZZZZZZZZZZ"
⌘I

