Generate Iframe Token

curl --request POST \
  --url https://api.whatabot.app/api/v1/auth/iframe-token \
  --header 'X-Api-Key: <x-api-key>'

{
  "ott": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expires_in": 30
}

POST

auth

iframe-token

Generate Iframe Token

curl --request POST \
  --url https://api.whatabot.app/api/v1/auth/iframe-token \
  --header 'X-Api-Key: <x-api-key>'

{
  "ott": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expires_in": 30
}

Generate a one-time token (OTT) to authenticate an embedded iframe session. The token expires after a short period and can only be used once.

X-Api-Key

string

required

Your API key (prefixed with wh_).

{
  "ott": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expires_in": 30
}

This endpoint is used in the iframe embedding authentication flow. See the Iframe Embedding guide and the Embed Authentication page for more details.