Playground — Grantex

1

Register an Agent

Pending

Register a demo agent that will request permissions on behalf of a user. This creates a cryptographic identity (DID) for the agent.

POST /v1/agents

Response

2

Request Authorization

Pending

Ask a user for permission. In sandbox mode, this auto-approves and returns an authorization code immediately — no consent page needed.

POST /v1/authorize

Response

3

Exchange Code for Grant Token

Pending

Exchange the authorization code for a signed RS256 JWT grant token. This is the credential your agent presents to any service.

POST /v1/token

Response

4

Verify Token

Pending

Verify the grant token online. In production, you'd verify offline via JWKS — this endpoint is a convenience for quick checks.

POST /v1/tokens/verify

Response

5

Refresh Token

Pending

Exchange the single-use refresh token for a new grant token. The old refresh token is invalidated (rotation).

POST /v1/token/refresh

Response

6

Revoke Grant

Pending

Revoke the grant entirely. After this, the token fails verification. Revocation is instant and cascades to all delegated grants.

DELETE /v1/grants/:id

Response

7

Verify After Revocation

Pending

Try verifying the same token again. It should now return valid: false — proving that revocation is effective.

POST /v1/tokens/verify

Response

Interactive Playground