> ## Documentation Index > Fetch the complete documentation index at: https://developer.hellgate.io/llms.txt > Use this file to discover all available pages before exploring further. # Create token > Create a new token in the generic scope. This type of token can be used for various use cases that do not involve sensitive card payment credentials. ## OpenAPI ````yaml /products/guardian/openapi.yaml post /api/generic/tokens openapi: 3.1.0 info: title: Guardian API version: '1.0' contact: name: Starfish GmbH & Co. KG email: hello@starfish.team url: https://hellgate.io/cpa/guardian license: name: Hellgate API Terms url: https://hellgate.io/terms-and-conditions servers: - url: https://{cluster_id}.on-hellgate.cloud description: Guardian service instance variables: cluster_id: default: my-cluster-id description: | Guardian is a service of the Hellgate Cloud Platform. The unique cluster-id is used to connect to your instance. security: [] tags: - name: pci description: Management of card payment credentials under the ruling of PCI DSS. - name: network description: Management of network tokens and cryptograms for secure transactions. - name: generic description: Management of generic tokens and their schemas for various use cases. - name: metadata description: Inquiries for card metadata based on PAN, PCI tokens, or network tokens. - name: apikey description: Management of API keys for service access. - name: webhook description: Management of webhooks for event notifications. - name: types description: Management of types for generic token schemas. paths: /api/generic/tokens: post: tags: - generic summary: Create token description: > Create a new token in the generic scope. This type of token can be used for various use cases that do not involve sensitive card payment credentials. operationId: generic_token_create requestBody: content: application/json: schema: $ref: '#/components/schemas/generic_token_create_request' examples: sepa_credentials: summary: Example Payload for SEPA Credentials value: payload: iban: DE89370400440532013000 bic: COBADEFFXXX account_holder_name: John Doe api_credentials: summary: Example Payload for API Credentials value: payload: api_key: abcd1234efgh5678 api_secret: s3cr3tK3y! expiration_time: 2592000 responses: '200': description: Success response content: application/json: schema: $ref: '#/components/schemas/generic_token' examples: sepa_credentials: summary: Example Response for SEPA Credentials value: id: 8744c9ea-a02b-4ae6-875c-b64fc333e3ef created_at: '2023-10-01T12:34:56Z' api_credentials: summary: Example Response for API Credentials value: id: 8744c9ea-a02b-4ae6-875c-b64fc333e3ef created_at: '2023-10-01T12:34:56Z' expires_at: '2023-10-31T12:34:56Z' '401': $ref: '#/components/responses/401_UnauthorizedError' '403': $ref: '#/components/responses/403_ForbiddenError' '409': $ref: '#/components/responses/409_ConflictError' '422': $ref: '#/components/responses/422_ValidationError' security: - APIKey: [] - AdminToken: [] components: schemas: generic_token_create_request: type: object properties: expiration_time: type: integer minimum: 1 maximum: 2592000 description: | The expiry time is used to specify after how many seconds a token should be automatically deleted after creation. payload: type: object description: >- The payload is a key-value map, that can contain any information the user wants to store in the token. * Maximum 20 key-value pairs. * Maximum 20 characters per key. * Maximum 80 characters per value. metadata: $ref: '#/components/schemas/Metadata' type_id: type: string format: uuid description: >- The ID of a type to apply for this payload. If provided the payload will be validated against the schema of the type and the tokens can be filtered by the type ID as well. required: - payload generic_token: type: object properties: id: type: string format: uuid created_at: type: string format: date-time expires_at: type: string format: data-time metadata: $ref: '#/components/schemas/Metadata' required: - id - created_at Metadata: type: object description: | Metadata consisting of key-value entries. * Maximum 20 key-value pairs. * Maximum 20 characters per key. * Maximum 80 characters per value. example: my_key_one: my_value_one my_key_two: my_value_two ErrorGeneric: type: object properties: code: $ref: '#/components/schemas/ErrorStatusCode' classifier: $ref: '#/components/schemas/ErrorClassifier' message: $ref: '#/components/schemas/ErrorMessage' ErrorValidation: type: object properties: code: $ref: '#/components/schemas/ErrorStatusCode' classifier: $ref: '#/components/schemas/ErrorClassifier' message: $ref: '#/components/schemas/ErrorMessage' validation_errors: type: array items: type: object properties: path: type: string description: Json-path in the request which points to the validation error message: type: string description: Human readable validation message ErrorStatusCode: type: integer description: The corresponding HTTP status code for the error ErrorClassifier: type: string description: Technical code that helps to identify the error ErrorMessage: type: string description: Human readable representation of the error responses: 401_UnauthorizedError: description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 401 message: No valid means of authentication was provided classifier: UNAUTHORIZED 403_ForbiddenError: description: Forbidden content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 403 message: Not allowed to access this resource or feature classifier: FORBIDDEN 409_ConflictError: description: Conflict content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 409 message: Conflict classifier: CONFLICT 422_ValidationError: description: Validation error content: application/json: schema: $ref: '#/components/schemas/ErrorValidation' example: code: 422 classifier: VALIDATION_ERROR message: Validation error validation_errors: - path: json-path message: human readable error message securitySchemes: APIKey: type: apiKey name: x-api-key in: header AdminToken: type: apiKey name: x-admin-token in: header ````