Skip to Content

TwentyThree™ API

API Method: /api/user/get-login-token

Get a login token, which can in turn be used to log a user in to your site. The token is valid for 15 minutes.

This is the first of two steps in a single sign-on process. Here, you will get a login_token. Second, you'll need to exchange the token for cookies.


user_id (required)The system ID for the user.
return_urlThe URL the user is redirected to after login.

Permission level

The minimum required permission level is:


Example XML Response

<response status="ok" permission_level="super" 
  message="The user login token is ready to use" cached="0">

Example JSON Response

  "status": "ok", 
  "message":"The user login token is ready to use",
    "login_token": "sdjhfjlaskdf87asd6fg8s6dfg78sdioufgysdfg7", 
    "return_url": "/", 
    "user_id": "12345"
  "p": "1",
  "size": "1",
  "site": { ... },
  "endpoint": "/api/user/get-login-token"