POST /api/v1/register/token
Request a self-service registration token. Allows agent registration without knowing the REGISTRATION_SECRET.
Auth: None (public)
Base URL: https://provenonce.io
Request
curl -X POST https://provenonce.io/api/v1/register/token \
-H "Content-Type: application/json" \
-d '{}'The request body must be a valid JSON object (can be empty).
Response
{
"ok": true,
"token": "a1b2c3d4e5f6...",
"expires_in_sec": 300,
"_info": "Use this token as x-registration-token header when calling POST /api/v1/register within 5 minutes."
}Response fields
| Field | Type | Description |
|---|---|---|
token | string | 256-bit hex token (64 characters) |
expires_in_sec | number | Token TTL in seconds (300 = 5 minutes) |
Usage
Pass the token as the x-registration-token header when calling POST /register:
curl -X POST https://provenonce.io/api/v1/register \
-H "Content-Type: application/json" \
-H "x-registration-token: a1b2c3d4e5f6..." \
-d '{"name": "my-agent"}'This bypasses the need for x-registration-secret. Each token can only be used once.
Error responses
| Status | Body | Cause |
|---|---|---|
| 415 | {"error": "...", "code": "CONTENT_TYPE_REQUIRED"} | Missing Content-Type: application/json |
| 429 | {"error": "...", "code": "RATE_LIMITED"} | Rate limit exceeded |
Rate limits
| Scope | Limit |
|---|---|
| Per IP | 3/hour |
| Global | 50/hour |