Skip to main content
POST
/
authorisations
Records a user accepting a authorisation term.
curl --request POST \
  --url https://api.sandbox.goteal.co/authorisations \
  --header 'Content-Type: application/json' \
  --header 'X-API-KEY: <api-key>' \
  --data '
{
  "user_id": "95a0e70b-fe02-4f47-aef9-2efff279df71",
  "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
  "term_id": "550e8400-e29b-41d4-a716-446655440000",
  "ip_address": "192.168.1.1",
  "fingerprint": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6"
}
'
{
  "id": "7f3b8c2a-1d4e-5f6g-7h8i-9j0k1l2m3n4o",
  "status": "active",
  "ip_address": "192.168.1.1",
  "is_valid": true,
  "accepted_at": "2019-05-17T00:00:00.000Z",
  "created_at": "2019-05-17T00:00:00.000Z",
  "user_id": "95a0e70b-fe02-4f47-aef9-2efff279df71",
  "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
  "revoked_at": "2019-05-17T00:00:00.000Z",
  "term_id": "550e8400-e29b-41d4-a716-446655440000",
  "fingerprint": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6"
}

Authorizations

X-API-KEY
string
header
required

Body

application/json
user_id
string<uuid>
required

The ID of the user accepting the authorisation

Example:

"95a0e70b-fe02-4f47-aef9-2efff279df71"

user_agent
string
required

User agent string of the browser or application

Example:

"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"

term_id
string<uuid>

The ID of the authorisation term being accepted. If not provided, auto-resolves to the latest active term based on user's recurring check configuration.

Example:

"550e8400-e29b-41d4-a716-446655440000"

ip_address
string

Optional IP address of the user. If not provided, captured from request headers. Use when recording authorisation via server-to-server calls.

Example:

"192.168.1.1"

fingerprint
string

Optional device or browser fingerprint for additional verification

Example:

"a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6"

Response

Created

id
string<uuid>
required

Unique identifier for the authorisation record

Example:

"7f3b8c2a-1d4e-5f6g-7h8i-9j0k1l2m3n4o"

status
enum<string>
required

The status of a authorisation record

Available options:
active,
revoked
Example:

"active"

ip_address
string
required

Optional IP address of the user. If not provided, captured from request headers. Use when recording authorisation via server-to-server calls.

Example:

"192.168.1.1"

is_valid
boolean
required

Whether this authorisation is currently valid. True when status is active AND the associated term is active.

Example:

true

accepted_at
string<date-time>
required

Server timestamp when the authorisation was accepted

Example:

"2019-05-17T00:00:00.000Z"

created_at
string<date-time>
required

When the authorisation record was created

Example:

"2019-05-17T00:00:00.000Z"

user_id
string<uuid>
required

The ID of the user accepting the authorisation

Example:

"95a0e70b-fe02-4f47-aef9-2efff279df71"

user_agent
string
required

User agent string of the browser or application

Example:

"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"

revoked_at
string<date-time> | null

Server timestamp when the authorisation was revoked

Example:

"2019-05-17T00:00:00.000Z"

term_id
string<uuid>

The ID of the authorisation term being accepted. If not provided, auto-resolves to the latest active term based on user's recurring check configuration.

Example:

"550e8400-e29b-41d4-a716-446655440000"

fingerprint
string

Optional device or browser fingerprint for additional verification

Example:

"a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6"