# Create worker access token POST https://api.letsdeel.com/rest/v2/workers/session Content-Type: application/json Creates a worker access token **Token scopes**: `admin:worker` Reference: https://developer.deel.com/api/reference/endpoints/worker-session/create-worker-access-token ## OpenAPI Specification ```yaml openapi: 3.1.0 info: title: Deel HRIS SCIM API version: 1.0.0 paths: /workers/session: post: operationId: create-worker-access-token summary: Create worker access token description: |- Creates a worker access token **Token scopes**: `admin:worker` tags: - subpackage_workerSession parameters: - name: Authorization in: header description: > ## Authentication The Deel API uses bearer tokens to authenticate requests. All API calls must be made over HTTPS — calls over plain HTTP or without authentication will fail. ```curl curl -X GET 'https://api.letsdeel.com/rest/v2/contracts' \ -H 'Authorization: Bearer YOUR-TOKEN-HERE' ``` [Learn more about authentication](/api/authentication) required: true schema: type: string responses: '201': description: Successful operation content: application/json: schema: $ref: >- #/components/schemas/Worker Session_createWorkerAccessToken_Response_201 '400': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '401': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '403': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '404': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '500': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' requestBody: content: application/json: schema: type: object properties: data: $ref: >- #/components/schemas/WorkersSessionPostRequestBodyContentApplicationJsonSchemaData required: - data servers: - url: https://api.letsdeel.com/rest/v2 - url: https://api-staging.letsdeel.com/rest/v2 components: schemas: WorkersSessionPostRequestBodyContentApplicationJsonSchemaData: type: object properties: profile_id: type: string format: uuid description: The ID of the profile to create access token for required: - profile_id title: WorkersSessionPostRequestBodyContentApplicationJsonSchemaData WorkersSessionPostResponsesContentApplicationJsonSchemaData: type: object properties: token: type: string description: Access token expires_at: type: string format: date-time description: Expiration date of the access token required: - token - expires_at title: WorkersSessionPostResponsesContentApplicationJsonSchemaData Worker Session_createWorkerAccessToken_Response_201: type: object properties: data: $ref: >- #/components/schemas/WorkersSessionPostResponsesContentApplicationJsonSchemaData required: - data title: Worker Session_createWorkerAccessToken_Response_201 ApiErrorRequest: type: object properties: method: type: string description: The HTTP method of the failed request url: type: string description: The relative URL of the failed request status: type: number format: double description: The status code of the response api_req_id: type: string description: The request ID of the failed request docs: type: string description: >- A link to the official documentation for the requested endpoint resource source: type: string description: The source handler which produced the returned error code: type: number format: double description: The code of the source handler which produced the returned error title: ApiErrorRequest ApiError: type: object properties: message: type: string description: A description of the returned error path: type: string description: The JSON path where input validation failed title: ApiError ApiErrorContainer: type: object properties: request: $ref: '#/components/schemas/ApiErrorRequest' errors: type: array items: $ref: '#/components/schemas/ApiError' title: ApiErrorContainer securitySchemes: deelToken: type: http scheme: bearer description: > ## Authentication The Deel API uses bearer tokens to authenticate requests. All API calls must be made over HTTPS — calls over plain HTTP or without authentication will fail. ```curl curl -X GET 'https://api.letsdeel.com/rest/v2/contracts' \ -H 'Authorization: Bearer YOUR-TOKEN-HERE' ``` [Learn more about authentication](/api/authentication) oauth2: type: http scheme: bearer description: >- Standard OAuth2 security scheme based on https://swagger.io/docs/specification/authentication/ ``` ## SDK Code Examples ```python import requests url = "https://api.letsdeel.com/rest/v2/workers/session" payload = { "data": { "profile_id": "123e4567-e89b-12d3-a456-426614174000" } } headers = { "Authorization": "Bearer ", "Content-Type": "application/json" } response = requests.post(url, json=payload, headers=headers) print(response.json()) ``` ```javascript const url = 'https://api.letsdeel.com/rest/v2/workers/session'; const options = { method: 'POST', headers: {Authorization: 'Bearer ', 'Content-Type': 'application/json'}, body: '{"data":{"profile_id":"123e4567-e89b-12d3-a456-426614174000"}}' }; try { const response = await fetch(url, options); const data = await response.json(); console.log(data); } catch (error) { console.error(error); } ``` ```go package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "https://api.letsdeel.com/rest/v2/workers/session" payload := strings.NewReader("{\n \"data\": {\n \"profile_id\": \"123e4567-e89b-12d3-a456-426614174000\"\n }\n}") req, _ := http.NewRequest("POST", url, payload) req.Header.Add("Authorization", "Bearer ") req.Header.Add("Content-Type", "application/json") res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := io.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` ```ruby require 'uri' require 'net/http' url = URI("https://api.letsdeel.com/rest/v2/workers/session") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true request = Net::HTTP::Post.new(url) request["Authorization"] = 'Bearer ' request["Content-Type"] = 'application/json' request.body = "{\n \"data\": {\n \"profile_id\": \"123e4567-e89b-12d3-a456-426614174000\"\n }\n}" response = http.request(request) puts response.read_body ``` ```java import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.Unirest; HttpResponse response = Unirest.post("https://api.letsdeel.com/rest/v2/workers/session") .header("Authorization", "Bearer ") .header("Content-Type", "application/json") .body("{\n \"data\": {\n \"profile_id\": \"123e4567-e89b-12d3-a456-426614174000\"\n }\n}") .asString(); ``` ```php request('POST', 'https://api.letsdeel.com/rest/v2/workers/session', [ 'body' => '{ "data": { "profile_id": "123e4567-e89b-12d3-a456-426614174000" } }', 'headers' => [ 'Authorization' => 'Bearer ', 'Content-Type' => 'application/json', ], ]); echo $response->getBody(); ``` ```csharp using RestSharp; var client = new RestClient("https://api.letsdeel.com/rest/v2/workers/session"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", "Bearer "); request.AddHeader("Content-Type", "application/json"); request.AddParameter("application/json", "{\n \"data\": {\n \"profile_id\": \"123e4567-e89b-12d3-a456-426614174000\"\n }\n}", ParameterType.RequestBody); IRestResponse response = client.Execute(request); ``` ```swift import Foundation let headers = [ "Authorization": "Bearer ", "Content-Type": "application/json" ] let parameters = ["data": ["profile_id": "123e4567-e89b-12d3-a456-426614174000"]] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://api.letsdeel.com/rest/v2/workers/session")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error as Any) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume() ```