Skip to content

Redeem a realized inquiry for an application token pair.

POST
/redeem
curl --request POST \
--url https://connect-api.sudomimus.com/redeem \
--header 'Content-Type: application/json' \
--data '{ "exposureKey": "example", "hiddenKey": "example", "confirmationKey": "example" }'
Media type application/json
object
exposureKey
required
string
hiddenKey
required
string
confirmationKey
required
string
Example generated
{
"exposureKey": "example",
"hiddenKey": "example",
"confirmationKey": "example"
}

Tokens issued.

Media type application/json
object
claims
required

Per-claim view across the three shareable claims — why a claim is or is not present in the minted token (policy OFF, never asked, declined, or granted).

object
email
required

One shareable claim: what the application requests (requirement) joined with the user’s standing decision (state). UNKNOWN means the user was never asked; DENIED means the user explicitly declined.

object
requirement
required

The developer’s policy for the claim. SYNTHETIC guarantees the claim is present but permits a generated placeholder (a stand-in name, a proxy email) when the user has not shared real data — unlike REQUIRED it never blocks issuance or raises an errand.

string
Allowed values: OFF OPTIONAL REQUIRED SYNTHETIC
state
required
string
Allowed values: UNKNOWN GRANTED DENIED
firstName
required

One shareable claim: what the application requests (requirement) joined with the user’s standing decision (state). UNKNOWN means the user was never asked; DENIED means the user explicitly declined.

object
requirement
required

The developer’s policy for the claim. SYNTHETIC guarantees the claim is present but permits a generated placeholder (a stand-in name, a proxy email) when the user has not shared real data — unlike REQUIRED it never blocks issuance or raises an errand.

string
Allowed values: OFF OPTIONAL REQUIRED SYNTHETIC
state
required
string
Allowed values: UNKNOWN GRANTED DENIED
lastName
required

One shareable claim: what the application requests (requirement) joined with the user’s standing decision (state). UNKNOWN means the user was never asked; DENIED means the user explicitly declined.

object
requirement
required

The developer’s policy for the claim. SYNTHETIC guarantees the claim is present but permits a generated placeholder (a stand-in name, a proxy email) when the user has not shared real data — unlike REQUIRED it never blocks issuance or raises an errand.

string
Allowed values: OFF OPTIONAL REQUIRED SYNTHETIC
state
required
string
Allowed values: UNKNOWN GRANTED DENIED
applicationAnchor
required
string
refreshToken
required

Long-lived refresh token (JWT). Decode its body to RefreshTokenBody (see schema). The refresh token leaves the system, so its body carries the sector subject, never the underlying account identifier.

string
accessToken
required

Short-lived access token (JWT). Decode its body to AccessTokenBody (see schema) — the application-visible user key is the subject (sector subject) claim.

string
Example
{
"claims": {
"email": {
"requirement": "OFF",
"state": "UNKNOWN"
},
"firstName": {
"requirement": "OFF",
"state": "UNKNOWN"
},
"lastName": {
"requirement": "OFF",
"state": "UNKNOWN"
}
}
}

The inquiry could not be redeemed. The reason distinguishes:

  • InquiryNotFound — the (exposureKey, hiddenKey, confirmationKey) triple does not resolve to a realized inquiry.
  • InquiryExpired — the inquiry resolved but its lifetime has elapsed (expired by TTL or out of polling attempts).
  • InquiryNotRealized — the inquiry exists but has not been realized yet.
  • InquiryAlreadyRedeemed — the inquiry has already been consumed (single-use guard via conditional write; also fires after a REVEAL realize that surfaces the tokens in-line and immediately marks the inquiry redeemed).
Media type application/json

Error response body. The Connect service emits { "reason": "<SymbolDescription>" } for known failure modes. When the reason symbol’s description begins with PRIVATE, the body is empty (zero bytes) and only the HTTP status carries signal — both reason and the body itself are absent in that case.

object
reason

Stable machine-readable reason code.

string
Example generated
{
"reason": "example"
}

The attempt was refused. The reason distinguishes:

  • ApplicationDisabled — the application is disabled.
  • AccountDisabled — the realizing account is disabled.
  • AccountDeleted — the realizing account has been erased.
  • ClaimConsentRequired — the application requires a claim (email / first name / last name) the user has not granted; the standing grant must be (re)established through an interactive browser login before tokens can be issued.
Media type application/json

Error response body. The Connect service emits { "reason": "<SymbolDescription>" } for known failure modes. When the reason symbol’s description begins with PRIVATE, the body is empty (zero bytes) and only the HTTP status carries signal — both reason and the body itself are absent in that case.

object
reason

Stable machine-readable reason code.

string
Example generated
{
"reason": "example"
}

Error response.

Media type application/json

Error response body. The Connect service emits { "reason": "<SymbolDescription>" } for known failure modes. When the reason symbol’s description begins with PRIVATE, the body is empty (zero bytes) and only the HTTP status carries signal — both reason and the body itself are absent in that case.

object
reason

Stable machine-readable reason code.

string
Example generated
{
"reason": "example"
}