These docs are for AuthRocket 1. Looking for AuthRocket 2 docs?

Signup Tokens

Signup Tokens are used as temporary references to User data that can be either used to create a User or discarded. They are useful for workflows where a user begins a signup process, but one or more additional steps must be completed before the signup is finalized, such as validating payment information. Discarding a Signup Token is easier than tracking and deleting an actual User object.

Multiple Signup Tokens for a given user may exist at once, even though only one can eventually be converted into a User. This simplifies form resubmittals or similar parts of the signup workflow.

Signup Tokens were formerly called User Tokens, which is the reason for legacy references to user_token below. Despite the legacy naming, thinking about them using the current terminology will be helpful in understanding their purpose and use.


id id Auto-generated

Signup Token ID. Always starts with “utk_”. Example: utk_USkWvq7fl3LlYPKvqtxBq

username string Required Must be unique within Realm.
email string Required Optional if Realm uses emails for usernames.
first_name string Optional
last_name string Optional
password string Required
password_confirmation string Optional
credential_type string Auto-generated Type of credential stored with the Signup Token
realm_id realm_id Required


Get read
Create write

Get a signup token

Retrieve a signup token.


GET /v1/user_tokens/:token_id
AuthRocket::UserToken.find 'utk_0v6O8c6RsC9A5e2Fa9n5WX'



Status: 200

{ "id" : "utk_0v6O8c6RsC9A5e2Fa9n5WX",
  "first_name" : null,
  "last_name" : null,
  "email" : "",
  "username" : "sally",
  "object" : "user_token",
  "credential_type" : "password"
  id: "utk_0v6O8c6RsC9A5e2Fa9n5WX",
  attribs: {

Create a signup token

Create a new signup token.


POST /v1/user_tokens
{ "user_token" :
  { "realm_id" : "rl_0v2FcFcZnv8qpG1XWoyN9P",
    "username" : "sally",
    "email" : "",
    "password" : "secret",
    "password_confirmation" : "secret"
token = AuthRocket::UserToken.create!(
  username: 'sally',
  email: '',
  password: 'secret',
  password_confirmation: 'secret',
  realm_id: 'rl_0v2FcFcZnv8qpG1XWoyN9P'



Status: 201, with same body as Get a Signup Token.

On success, returns same object as Get a Signup Token.

On failure, returns an object without an id, but with errors:

# => #<AuthRocket::UserToken:0x3fde5fa18df8> id: nil, ...
# => true
# => false
# => ["Username can't be blank"]

Questions? Find a Typo? Get in touch.