> ## Documentation Index
> Fetch the complete documentation index at: https://openwearables.io/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Create User Token

> Exchange app credentials or admin auth for user-scoped access token.

Supports two authentication methods:
1. App credentials: Provide app_id and app_secret in the request body
2. Admin authentication: Authenticate as a developer/admin via Bearer token
   (app_id and app_secret can be omitted)

Both methods return access_token with refresh_token.

Returns a JWT token scoped to SDK endpoints only.
Tokens expire after configured time (default: 60 minutes).

Args:
    user_id: OpenWearables User ID (UUID)
    payload: Optional application credentials (app_id, app_secret)
    db: Database session
    developer: Optional authenticated developer (from Bearer token)

Returns:
    TokenResponse containing access_token, token_type, and refresh_token

Raises:
    401: If app credentials are invalid or admin auth is missing
    400: If neither app credentials nor admin auth is provided



## OpenAPI

````yaml https://api.openwearables.io/openapi.json post /api/v1/users/{user_id}/token
openapi: 3.1.0
info:
  title: Open Wearables API
  version: 0.1.0
servers: []
security: []
paths:
  /api/v1/users/{user_id}/token:
    post:
      tags:
        - 'External: Mobile SDK'
      summary: Create User Token
      description: >-
        Exchange app credentials or admin auth for user-scoped access token.


        Supports two authentication methods:

        1. App credentials: Provide app_id and app_secret in the request body

        2. Admin authentication: Authenticate as a developer/admin via Bearer
        token
           (app_id and app_secret can be omitted)

        Both methods return access_token with refresh_token.


        Returns a JWT token scoped to SDK endpoints only.

        Tokens expire after configured time (default: 60 minutes).


        Args:
            user_id: OpenWearables User ID (UUID)
            payload: Optional application credentials (app_id, app_secret)
            db: Database session
            developer: Optional authenticated developer (from Bearer token)

        Returns:
            TokenResponse containing access_token, token_type, and refresh_token

        Raises:
            401: If app credentials are invalid or admin auth is missing
            400: If neither app credentials nor admin auth is provided
      operationId: create_user_token_api_v1_users__user_id__token_post
      parameters:
        - name: user_id
          in: path
          required: true
          schema:
            type: string
            format: uuid
            title: User Id
      requestBody:
        content:
          application/json:
            schema:
              anyOf:
                - $ref: '#/components/schemas/SDKTokenRequest'
                - type: 'null'
              title: Payload
      responses:
        '200':
          description: Successful Response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TokenResponse'
        '422':
          description: Validation Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HTTPValidationError'
      security:
        - OAuth2PasswordBearer: []
components:
  schemas:
    SDKTokenRequest:
      properties:
        app_id:
          anyOf:
            - type: string
            - type: 'null'
          title: App Id
        app_secret:
          anyOf:
            - type: string
            - type: 'null'
          title: App Secret
      type: object
      title: SDKTokenRequest
      description: >-
        Request schema for exchanging app credentials for user token.


        Both fields are optional - if not provided, admin authentication is
        required.
    TokenResponse:
      properties:
        access_token:
          type: string
          title: Access Token
        token_type:
          type: string
          title: Token Type
          default: bearer
        refresh_token:
          anyOf:
            - type: string
            - type: 'null'
          title: Refresh Token
        expires_in:
          anyOf:
            - type: integer
            - type: 'null'
          title: Expires In
      type: object
      required:
        - access_token
      title: TokenResponse
      description: Token response with optional refresh token.
    HTTPValidationError:
      properties:
        detail:
          items:
            $ref: '#/components/schemas/ValidationError'
          type: array
          title: Detail
      type: object
      title: HTTPValidationError
    ValidationError:
      properties:
        loc:
          items:
            anyOf:
              - type: string
              - type: integer
          type: array
          title: Location
        msg:
          type: string
          title: Message
        type:
          type: string
          title: Error Type
        input:
          title: Input
        ctx:
          type: object
          title: Context
      type: object
      required:
        - loc
        - msg
        - type
      title: ValidationError
  securitySchemes:
    OAuth2PasswordBearer:
      type: oauth2
      flows:
        password:
          scopes: {}
          tokenUrl: /api/v1/auth/login

````