Skip to main content
POST
/
api
/
public
/
auth
/
portal-token
curl -X POST "https://app.crovver.com/api/public/auth/portal-token" \
  -H "x-public-key: pk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "externalTenantId": "workspace_123",
    "returnUrl": "https://app.com/settings/billing"
  }'

{
  "success": true,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiJ9...",
    "expiresAt": "2025-01-01T00:10:00Z"
  },
  "meta": {
    "portalUrl": "https://portal.crovver.com/billing?token=eyJhbGci...",
    "expiresIn": 600
  }
}
Creates a signed JWT for accessing the self-service billing portal — where tenants can view invoices, update payment methods, manage seats, and cancel their subscription. The tenant must already exist (i.e. have gone through checkout at least once). Returns 404 if the tenant is not found.

Request Headers

x-public-key
string
required
Your public key (pk_live_...)

Request Body

externalTenantId
string
required
The tenant ID from your application
returnUrl
string
required
URL to return to when the user exits the portal. Must be a valid URL.
metadata
object
Optional context stored with the token. Supports userEmail, userName.

Response

data.token
string
Signed JWT (valid for 10 minutes)
meta.portalUrl
string
The full portal URL with token — redirect the user here
curl -X POST "https://app.crovver.com/api/public/auth/portal-token" \
  -H "x-public-key: pk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "externalTenantId": "workspace_123",
    "returnUrl": "https://app.com/settings/billing"
  }'

{
  "success": true,
  "data": {
    "token": "eyJhbGciOiJIUzI1NiJ9...",
    "expiresAt": "2025-01-01T00:10:00Z"
  },
  "meta": {
    "portalUrl": "https://portal.crovver.com/billing?token=eyJhbGci...",
    "expiresIn": 600
  }
}