Skip to main content


The Vista react library accepts a token that's dynamically generated by the Vista API, through the Vista API client libraries.

You must first call the API route to generate a 'Read Token' - these tokens can be used to hit the Vista API's on your behalf, only for read-only endpoints, such as users/check.

In your service:

# generate when service starts
vista_read_tokens = vc.auth.generate_read_token()

# return as a part of sign-in flow to cache in frontend
def login():

return {
'vista_read_tokens': vista_read_tokens,

In your React Application:

login = (loginInfo) => {
const resp = await myApi.login(loginInfo);

vista_secret: resp.vista_read_token,


render = () => {
<VistaProvider secret={this.state.vista_secret}>