Use platform token authentication

This is for:

In this article

Platform tokens are special JSON web tokens that can be used to query almost any Coveo API as a specific user. You can generate platform tokens by making a call to the Authorization Server API.


Request a platform token

To request a platform token, make a POST request to<MY_ORGANIZATION>/tokens. You must also specify a validityPeriod in your request, after which the token will expire. The default is 24 hours (validityPeriod=PT24H).

To test the service on Coveo, use the Swagger UI.

The caller must authenticate using an API key with the privilege to impersonate users.

Sample request

POST<MY_ORGANIZATION>/tokens?validityPeriod=PT24H HTTP/1.1

Content-Type: application/json
Accept: application/json
Authorization: Bearer **********-****-****-****-************


  "body": {
    "additionalConfiguration": {
      "analytics": {
        "event": {
          "userDisplayName": "Alice Smith",
          "userId": "12345678"
      "search": {
        "userIds": [
            "name": "",
            "provider": "Email Security Provider",
            "type": "User"
    "organizationId": "<MY_ORGANIZATION>",
    "privileges": [
        "level": "NORMAL",
        "owner": "CUSTOMER_SERVICE",
        "targetDomain": "USE_CASE_ASSIST",
        "targetId": "*",
        "type": "ENABLE"

Successful response

200 OK

  "token": "fzKjcHdjPJKJVaJ2OjK0fzK2CI6dHJ1ZSwiZXhwIjoxNDY4Njk2NzEwLCJpYXQiOjE0lQGN..."