Skip to main content
Why does the response of REST endpoint “POST /auth/access-key/exchange” reveal a password?
Elisa Dinsmore avatar
Written by Elisa Dinsmore
Updated over a week ago

This article is for Flatfile's Portal 2.0, Portal 3.0, and Workspaces. If you'd like to check out the latest version of the Flatfile Data Exchange Platform, click here!

mceclip0.png

The REST endpoint `POST /auth/access-key/exchange` allows you to exchange a valid access key for a new access token. Keep in mind that tokens expire, but keys do not. When called, the REST endpoint generates new credentials as a token. It does not show or expose any existing login credentials or passwords. In a way, it is a reduction of privileges, and you are using the admin password, or access key, for the team to generate a set of expiring credentials to share access with someone temporarily.

Did this answer your question?