Token Handler

Create server endpoints that generate ephemeral tokens for the assistant.

Framework Handlers

Next.js
Remix
TanStack Start

import { createAssistantTokenHandler } from "modifywithai/nextjs"

export const POST = createAssistantTokenHandler(options)

import { createAssistantTokenAction } from "modifywithai/remix"

export const action = createAssistantTokenAction(options)

import { createAssistantTokenHandler } from "modifywithai/tanstack-start"

const handler = createAssistantTokenHandler(options)

export const APIRoute = createAPIFileRoute("/api/mwai/token")({
    POST: handler,
})

Options

CreateAssistantTokenHandlerOptions

Option	Type	Required	Default	Description
`appId`	`string`	Yes	—	Your app ID from the dashboard
`apiKey`	`string`	No	`process.env.MWAI_API_KEY`	Your API key
`apiUrl`	`string`	No	`https://api.modifywithai.com`	API endpoint
`getEndUserId`	`(request: Request) => Promise<string \| null>`	No	Auto-generate	Function to get user ID

Request Body

The handler expects a POST request with JSON body:

interface TokenRequest {
    endUserId?: string        // Optional if getEndUserId is defined
    availableActions: ActionDefinition[]
    context?: object
}

Response

Success (200):

{
    "token": "ephemeral_token_here",
    "expiresAt": "2024-01-15T12:00:00Z"
}

Error (400/401/500):

{
    "error": "Error message"
}

Examples

Basic

import { createAssistantTokenHandler } from "modifywithai/nextjs"

export const POST = createAssistantTokenHandler({
    appId: "app_abc123",
})

With Authentication

import { createAssistantTokenHandler } from "modifywithai/nextjs"
import { auth } from "@/lib/auth"

export const POST = createAssistantTokenHandler({
    appId: "app_abc123",
    getEndUserId: async (request) => {
        const session = await auth()
        if (!session?.user?.id) {
            return null // Will auto-generate anonymous ID
        }
        return session.user.id
    },
})

Custom API URL

export const POST = createAssistantTokenHandler({
    appId: "app_abc123",
    apiUrl: "https://custom.api.endpoint.com",
})

User ID Handling

The handler determines the user ID in this order:

getEndUserId function — If provided, calls it with the request
Request body — Uses endUserId from the POST body
Auto-generate — Creates an anonymous ID prefixed with autogen_

// Priority 1: getEndUserId function
getEndUserId: async (request) => {
    const session = await auth()
    return session?.user?.id ?? null
}

// Priority 2: Request body
// POST /api/mwai/token
// { "endUserId": "user_123", ... }

// Priority 3: Auto-generated
// "autogen_abc123xyz..."

Error Handling

The handler returns appropriate HTTP status codes:

Status	Cause
200	Success
400	Invalid request body
401	Invalid API key
500	Server configuration error or API failure

Security

API key stays server-side — Never exposed to the browser
Tokens are short-lived — Expire in minutes
Tokens are scoped — Only valid for the specified app and user

Components

Hooks

API Reference

Framework Handlers

Options

CreateAssistantTokenHandlerOptions

Request Body

Response

Examples

Basic

With Authentication

Custom API URL

User ID Handling

Error Handling

Security

Components

Hooks

API Reference

​Framework Handlers

​Options

​CreateAssistantTokenHandlerOptions

​Request Body

​Response

​Examples

​Basic

​With Authentication

​Custom API URL

​User ID Handling

​Error Handling

​Security

Framework Handlers

Options

CreateAssistantTokenHandlerOptions

Request Body

Response

Examples

Basic

With Authentication

Custom API URL

User ID Handling

Error Handling

Security