Get migration token

This endpoint allows an authenticated user to get their migration token, used later for Microsoft Account (MSA) migration.

NOTE: These docs are unfinished.

These docs were submitted by Dusks via DM to me on Discord, and I've formatted them and posted here + added a bit more data to them. Thank you, Dusks! Some endpoints have also been documented by fweak.

Request

Method: POST
Endpoint: /migration/token
Full URL: https://api.minecraftservices.com/migration/token
Headers:
- Authorization: Bearer [JWT/auth token here]
- Content-Type: application/json

The POST body for this request should be similar to this:

{
  "sessionEmail": "cooluser@gmail.com" // current email of the Mojang account
}

Note: This endpoint can also be used with the GET method with no body and no Content-Type header, and will return the same data. Status code 400 will not occur with the GET method.

Response

200: OK

Got token successfully. Sample response:

eyJhbGciOiJSUzI1NiIsIng1dCI6Ik1waTNjYlliNHJpWWwzcVl1YzFOTm5HeDdvOCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2FwaS5taW5lY3JhZnRzZXJ2aWNlcy5jb20iLCJhdWQiOiJodHRwOi8vbG9naW4ubGl2ZS5jb20iLCJ2ZXIiOiIxLjAiLCJpYXQiOjE2MTg2ODczMzksImV4cCI6MTYxODY4ODUzOSwibmJmIjoxNjE4Njg3MzM5LCJhZGRyZXNzIjp7ImNvdW50cnkiOiJ0d29fbGV0dGVyX2NvdW50cnlfY29kZSJ9LCJiaXJ0aGRhdGUiOiJZWVlZLU1NLUREIiwiZW1haWwiOiJlbWFpbF9vZl9tb2phbmdfYWNjb3VudEBkb21haW4udGxkIiwiZW1haWxfdmVyaWZpZWQiOnRydWV9.qLmgkntcdORU35vplL0989N6kd7-ZKz43ZEYwhMcyrIH13bIs7SlHCbmTDW9s0HN2W9x3RSJZCZ5Eh6K3b5K8PTvfI1QQn4m84UBuZa0GQz0KQcDHhxWd_XTByoqWaEwbSUqWr95WdyMUHU7FqF9-eYnQTtmWw6tF6SxXWYnR7Ub4mQyb96hL1Jo5zF1U6yykipMbnG4i3LAd9SsRpTtgCWPioMa2UWb_ETHDQwvc7Jz1YsPi4oOSqZJpIEqJQO8W1oQt9Th_1XY0W4Qr3iK0LSosVrEr55mB2soNHuQg4FK4pvGoUYfdm_1Yn2ikjpIwB6_PZdNpdK3D9275hUjsA

400: Bad Request

You have provided an incorrect email as the sessionEmail, or neglected to provide a POST body entirely.

// incorrect email (always returned with legacy accounts, even with the correct email or email hash)
{
  "path": "/migration/token",
  "errorMessage": "Supplied e-mail doesn't match account e-mail",
  "developerMessage": "Supplied e-mail doesn't match account e-mail"
}

// did not pass an email 
{
  "path": "/migration/token",
  "errorType": "CONSTRAINT_VIOLATION",
  "error": "CONSTRAINT_VIOLATION",
  "errorMessage": "getMigrationToken.tokenRequest.sessionEmail: must not be blank",
  "developerMessage": "getMigrationToken.tokenRequest.sessionEmail: must not be blank"
}

// blank POST data
{
  "path": "/migration/token",
  "errorType": "Bad Request",
  "error": "Bad Request",
  "errorMessage": "Required Body [tokenRequest] not specified",
  "developerMessage": "Required Body [tokenRequest] not specified"
}

401: Unauthorized

You provided an invalid Bearer token or neglected to fill in the Authorization header entirely.

No body is returned for this response.

403: Forbidden

This status code is returned when you try to get your token with a MSA (already migrated or newly created).

{
  "path": "/migration/token",
  "errorType": "FORBIDDEN",
  "error": "FORBIDDEN"
}

500: Internal Server Error

In testing as of June 20, 2021, I have not observed this to occur with unmigrated / legacy accounts as previously noted here.

{
  "path": "/migration/token"
}

Mojang API Documentation

Get migration token

Request

Response