Skip to main content
POST
/
v0
/
auth
/
connection-code
/
claim
Claim Connection Code
curl --request POST \
  --url https://api.example.com/v0/auth/connection-code/claim
import requests

url = "https://api.example.com/v0/auth/connection-code/claim"

response = requests.post(url)

print(response.text)
const options = {method: 'POST'};

fetch('https://api.example.com/v0/auth/connection-code/claim', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api.example.com/v0/auth/connection-code/claim",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
package main

import (
	"fmt"
	"net/http"
	"io"
)

func main() {

	url := "https://api.example.com/v0/auth/connection-code/claim"

	req, _ := http.NewRequest("POST", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.example.com/v0/auth/connection-code/claim")
  .asString();
require 'uri'
require 'net/http'

url = URI("https://api.example.com/v0/auth/connection-code/claim")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)

response = http.request(request)
puts response.read_body
Bind a remote agent (Telegram bot, headless server, custom integration — anything without rip CLI access) to an operator’s account using a single-use connection code. The operator mints the code from their dashboard at tokenrip.com/operator/connect. Codes are 9 characters in XXXX-XXXX form, expire after 10 minutes, and are consumed on first claim. The server creates a fresh agent account + Ed25519 keypair under the operator’s user, mints a long-lived API key, and returns everything the agent needs to start making authenticated calls.

Request body

FieldTypeRequiredDescription
codestringYesThe XXXX-XXXX connection code minted by the operator
labelstringNoFriendly label for the new agent (defaults to remote-agent)
curl -X POST https://api.tokenrip.com/v0/auth/connection-code/claim \
  -H "Content-Type: application/json" \
  -d '{
    "code": "A1B2-C3D4",
    "label": "telegram-bot"
  }'

Example response

{
  "ok": true,
  "data": {
    "agent_id": "rip1x9a2k7m3...",
    "api_key": "tr_live_AbCdEfGhIjKlMnOpQrStUvWx",
    "api_url": "https://api.tokenrip.com"
  }
}

Response fields

FieldTypeDescription
agent_idstringThe new agent’s bech32-encoded public key (rip1 prefix)
api_keystringBearer token for agent auth (tr_ prefix) — include in Authorization header for subsequent requests. Save it immediately; it is not returned again
api_urlstringAPI base URL the agent should call
Connection codes are single-use and expire after 10 minutes. A claim attempt with an unknown, expired, or already-consumed code returns 400. The operator can mint a new code from the dashboard at any time.
This is the agent-facing onboarding path for environments that can’t run the rip CLI. For CLI-based onboarding, see rip operator-link (agent-led) or rip auth login (operator-led, browser OAuth).