curl --request POST \
  --url https://api.velt.dev/v2/auth/generate_signature \
  --header 'Content-Type: application/json' \
  --header 'x-velt-api-key: <api-key>' \
  --header 'x-velt-auth-token: <api-key>' \
  --data '{
  "data": {
    "permissions": [
      {
        "userId": "user123",
        "resourceId": "document456",
        "type": "document",
        "hasAccess": true,
        "accessRole": "viewer",
        "expiresAt": 1759745729823
      }
    ]
  }
}'

{
  "result": {
    "status": "success",
    "message": "Signature generated successfully.",
    "data": {
      "signature": "a1b2c3d4e5f67890abcdef1234567890"
    }
  }
}

Auth

Generate Signature

Use this API to generate a secure signature for Permission Provider responses. The signature validates the integrity of permission decisions returned from your authorization service.

Security Critical: This endpoint must be called from your backend server, never from client-side code. The signature ensures that permission responses haven’t been tampered with.

Use Case: This API is used in conjunction with the Permission Provider configuration mode. When your onResourceAccessRequired function is called, use this endpoint to generate a secure signature for your permission response.

Key Points:

Each permission object must include userId, resourceId, type, and hasAccess
For document resources, can specify accessRole: viewer or editor
Optional expiresAt timestamp (in milliseconds) for time-limited permissions
Resource types: document, folder, or organization

📚 Full Documentation: https://docs.velt.dev/api-reference/rest-apis/v2/auth/generate-signature

POST

auth

generate_signature

curl --request POST \
  --url https://api.velt.dev/v2/auth/generate_signature \
  --header 'Content-Type: application/json' \
  --header 'x-velt-api-key: <api-key>' \
  --header 'x-velt-auth-token: <api-key>' \
  --data '{
  "data": {
    "permissions": [
      {
        "userId": "user123",
        "resourceId": "document456",
        "type": "document",
        "hasAccess": true,
        "accessRole": "viewer",
        "expiresAt": 1759745729823
      }
    ]
  }
}'

{
  "result": {
    "status": "success",
    "message": "Signature generated successfully.",
    "data": {
      "signature": "a1b2c3d4e5f67890abcdef1234567890"
    }
  }
}

Authorizations

x-velt-api-key

string

header

required

Your API key from the Velt Console

x-velt-auth-token

string

header

required

Your Auth Token for authentication

Body

application/json

data

object

required

Show child attributes

Response

Signature generated successfully

result

object

Show child attributes

Add Permissions Get Permissions

⌘I

REST APIs

SDK

Generate Signature

Authorizations

Body

Response