{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/CreateTokenRequest",
  "title": "CreateTokenRequest",
  "type": "object",
  "properties": {
    "subject": {
      "type": "string",
      "description": "Token subject in format: user/username or service/name"
    },
    "scope": {
      "type": "string",
      "description": "Space-separated scopes (e.g., \"applied-permissions/user\", \"applied-permissions/admin\", \"applied-permissions/groups:readers,developers\")"
    },
    "expires_in": {
      "type": "integer",
      "description": "Token expiry in seconds (0 for non-expiring)"
    },
    "refreshable": {
      "type": "boolean",
      "description": "Whether the token supports refresh",
      "default": false
    },
    "description": {
      "type": "string",
      "description": "Token description for management purposes"
    },
    "audience": {
      "type": "string",
      "description": "Intended token audience"
    },
    "include_reference_token": {
      "type": "boolean",
      "description": "Whether to include a reference token",
      "default": false
    },
    "project_key": {
      "type": "string",
      "description": "Project key to scope the token to a specific project"
    }
  },
  "required": [
    "scope"
  ]
}