Use this API endpoint to get a signed token. The signed token can be used in the
attach calls in the client libraries.
user: The ID of the user if present. Pass an empty string if the user id is not available. This must not be null.
Authorization: Bearer <api_secret>: where
secret is the raw API secret you get when generating an API key.
Never reveal your secret on the client side. Only make this call from a secure server.
"secret": "the signed secret to pass to your calls"