--- title: "Create: JWT type" url: https://www.tines.com/docs/api/credentials/create-jwt/ updated: 2026-04-02T11:20:05+00:00 description: Use a HTTP POST request to create a [JWT tokens](/docs/credentials/jwt) credential. --- *[tines.com](https://www.tines.com/llms.txt) › [Docs](https://www.tines.com/llms.txt) › [Tines API](https://www.tines.com/llms.txt) › [Credentials](https://www.tines.com/llm/docs/api/credentials.md)* # Create: JWT type *[View on tines.com](https://www.tines.com/docs/api/credentials/create-jwt/)* ## Description Use a HTTP POST request to create a [JWT tokens](/docs/credentials/jwt) credential. ## Request HTTP Method: **POST** | Parameter | Description | | ------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | name | Name of the credential. | | mode | Describes the type of credential (`JWT`) | | jwt_algorithm | The algorithm to be used when computing the JWT | | jwt_payload | The payload to be included in the JWT | | jwt_auto_generate_time_claims | Auto generate ‘iat’ & ‘exp’ claims | | jwt_private_key | The private key to be used to sign the JWT | | team_id | ID of Tines Team where the credential will be located. | | folder_id | **Optional** ID of folder to which the credential will be located | | read_access | **Optional** Control where this credential can be used (`TEAM`, `GLOBAL`, `SPECIFIC_TEAMS`). default: `TEAM`. (`SPECIFIC_TEAMS` is a premium feature. [Reach out to find out more](https://tines.com/contact-support).) | | shared_team_slugs | **Optional** List of teams' slugs where this credential can be used. Required to set `read_access` to `SPECIFIC_TEAMS`. default: `[]` (empty array). | | description | **Optional** Description of the credential. default: `""` (empty string). | | metadata | **Optional** Key/value metadata relevant to the credential that can be referenced via the INFO path. | | allowed_hosts | **Optional** Array of domains where this credential can only be used in HTTP requests. Domain matching supports wildcards. | | live_credential_id | **Optional** ID of the live credential | | expires_at | **Optional** ISO 8601 Timestamp representing date and time the credential will expire. Default: `null`. See: [Credential expiry](https://www.tines.com/docs/credentials/credential-configuration/expiry) | | expiry_notifications_enabled | **Optional** A boolean value stating whether or not expiry notifications are enabled. Default: `false`. See: [Credential expiry email reminders](https://www.tines.com/docs/credentials/credential-configuration/expiry/#email-reminders) | | credential_notification_recipient_user_ids | **Optional** List of user IDs that will be sent credential notifications (e.g. expiry notifications) | ### Sample request ```bash curl -X POST \ https:///api/v1/user_credentials \ -H 'content-type: application/json' \ -H 'Authorization: Bearer <>' \ -d '{ "name": "jwt credential", "mode": "JWT", "team_id": 2, "jwt_algorithm": "RS256", "jwt_payload": { "iss": "", "sub": "", "scope": "", "aud": "" }, "jwt_auto_generate_time_claims": true, "jwt_private_key": "" }' ``` ## Response A successful request will return a JSON object describing the created credential. ### Field description | Parameter | Description | | ------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | id | credential ID. | | name | Name of the credential. | | mode | Describes the type of credential (`TEXT, JWT, OAUTH, AWS, MTLS, HTTP_REQUEST_AGENT, MULTI_REQUEST`). | | team_id | ID of team to which the credential belongs. | | folder_id | ID of folder to which the credential belongs. | | read_access | Control where this credential can be used (`TEAM`, `GLOBAL`, `SPECIFIC_TEAMS`). | | shared_team_slugs | List of teams' slugs where this credential can be used when `read_access` is `SPECIFIC_TEAMS`, otherwise empty. | | description | Description of the credential. | | slug | An underscored representation of the credential name | | created_at | ISO 8601 Timestamp representing date and time the credential was created. | | updated_at | ISO 8601 Timestamp representing date and time the credential was last updated. | | allowed_hosts | Array of domains where this credential can only be used in HTTP requests. | | metadata | Key/value metadata relevant to the credential | | restriction_type | The type of restriction applied to the use of the credential (`RESTRICTED`,`RESTRICTED_TO_CREDENTIALS` ,`UNRESTRICTED` ) | | test_credential_enabled | A boolean value stating if the credential is enabled for using a test credential | | test_credential | Data specific to the test credential (`created_at` and `updated_at`) | | owner | An object representing the user who owns this credential. By default, the owner is the user who created the credential. | | expires_at | ISO 8601 Timestamp representing date and time the credential will expire. Default: `null`. See: [Credential expiry](https://www.tines.com/docs/credentials/credential-configuration/expiry) | | expiry_notifications_enabled | A boolean value stating whether or not expiry notifications are enabled. Default: `false`. See: [Credential expiry email reminders](https://www.tines.com/docs/credentials/credential-configuration/expiry/#email-reminders) | | credential_notification_recipient_user_ids | List of user IDs that will be sent credential notifications (e.g. expiry notifications) | ### Sample response ```json { "id": 1, "name": "tines_api_credential", "mode": "JWT", "team_id": 2, "folder_id": 1, "read_access": "TEAM", "shared_team_slugs": [], "slug": "tines_api_credential", "created_at": "2021-03-26T12:34:16.540Z", "updated_at": "2021-03-26T12:34:16.540Z", "description": "", "allowed_hosts": [], "metadata": {}, "restriction_type": "UNRESTRICTED", "test_credential_enabled": false, "owner": { "user_id": 1, "first_name": "Jane", "last_name": "Doe", "email": "jane@tines.io" } } ```