TempTokenService.generateTempToken() when the API issues a signed 15-minute connector-access URL and is consumed (marked used) by TempTokenService.validateAndConsume() during the OAuth callback. The table acts as a replay-prevention store: a token is valid only while expires_at > now() and used_at IS NULL. It has no workspace foreign key, no soft-delete column, and no user-editable fields β it is entirely system-managed.
Internal object. Not currently exposed on the public REST API. The operations below describe the intended contract.
API operations
Data model
Attributes
System-computed
- temp_access_token_id β generated by the database via DEFAULT gen_random_uuid() at INSERT time (Migration20260128100000).
- jti β set by the service layer using crypto.randomUUID() before persist; also embedded as the jti claim in the HS256-signed JWT returned to callers.
- expires_at β computed by TempTokenService as Date.now() + 15 minutes (TOKEN_EXPIRY = 15 * 60 * 1000 ms) at generation time.
- created_at β set by MikroORM onCreate hook (no database DEFAULT; application-side timestamp).
- used_at β stamped by TempAccessTokenRepository.markAsUsed() exactly once upon successful validateAndConsume(). Never reset or cleared.
- Single-use enforcement β findValidByJti combines three predicates: jti match + expires_at > now() + used_at IS NULL. All three must hold for the token to be considered valid.
Example
apps/api/src/database/entities/TempAccessToken.ts Β· domain: platform Β· tier: Platform