diff --git a/app/Http/Controllers/OneTimeTokenController.php b/app/Http/Controllers/OneTimeTokenController.php
new file mode 100644
index 000000000000..efe83ccd8af7
--- /dev/null
+++ b/app/Http/Controllers/OneTimeTokenController.php
@@ -0,0 +1,77 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://opensource.org/licenses/AAL
+ */
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\OneTimeToken\OneTimeTokenRequest;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Str;
+
+class OneTimeTokenController extends BaseController
+{
+    use DispatchesJobs;
+
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param CreateOneTimeTokenRequest $request
+     * @return Response
+     *
+     * @OA\Post(
+     *      path="/api/v1/one_time_token",
+     *      operationId="oneTimeToken",
+     *      tags={"one_time_token"},
+     *      summary="Attempts to create a one time token",
+     *      description="Attempts to create a one time token",
+     *      @OA\Parameter(ref="#/components/parameters/X-Api-Secret"),
+     *      @OA\Parameter(ref="#/components/parameters/X-Requested-With"),
+     *      @OA\Response(
+     *          response=200,
+     *          description="The Company User response",
+     *          @OA\Header(header="X-MINIMUM-CLIENT-VERSION", ref="#/components/headers/X-MINIMUM-CLIENT-VERSION"),
+     *          @OA\Header(header="X-RateLimit-Remaining", ref="#/components/headers/X-RateLimit-Remaining"),
+     *          @OA\Header(header="X-RateLimit-Limit", ref="#/components/headers/X-RateLimit-Limit")
+     *       ),
+     *       @OA\Response(
+     *          response=422,
+     *          description="Validation error",
+     *          @OA\JsonContent(ref="#/components/schemas/ValidationError"),
+     *       ),
+     *       @OA\Response(
+     *           response="default",
+     *           description="Unexpected Error",
+     *           @OA\JsonContent(ref="#/components/schemas/Error"),
+     *       ),
+     *     )
+     */
+    public function create(OneTimeTokenRequest $request)
+    {
+
+        $hash = Str::random(64);
+
+        $data = [
+            'user_id' => auth()->user()->id,
+            'company_key'=> auth()->company()->company_key,
+            'context' => $requst->input('context'),
+        ];
+
+        Cache::put( $hash, $data, 3600 );
+
+        return response()->json(['hash' => $hash], 200);
+    
+    }
+}
diff --git a/app/Http/Requests/OneTimeToken/OneTimeTokenRequest.php b/app/Http/Requests/OneTimeToken/OneTimeTokenRequest.php
new file mode 100644
index 000000000000..a5bee734c2cb
--- /dev/null
+++ b/app/Http/Requests/OneTimeToken/OneTimeTokenRequest.php
@@ -0,0 +1,45 @@
+<?php
+/**
+ * Invoice Ninja (https://invoiceninja.com).
+ *
+ * @link https://github.com/invoiceninja/invoiceninja source repository
+ *
+ * @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
+ *
+ * @license https://opensource.org/licenses/AAL
+ */
+
+namespace App\Http\Requests\OneTimeToken;
+
+use App\Http\Requests\Request;
+
+class OneTimeTokenRequest extends Request
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'context' => 'required',
+        ];
+    }
+
+    protected function prepareForValidation()
+    {
+        // $input = $this->all();
+        // $this->replace($input);
+    }
+}
diff --git a/routes/api.php b/routes/api.php
index 5728607a20c1..0c71a77c6b27 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -93,6 +93,8 @@ Route::group(['middleware' => ['api_db', 'token_auth', 'locale'], 'prefix' => 'a
     Route::post('migration/purge_save_settings/{company}', 'MigrationController@purgeCompanySaveSettings')->middleware('password_protected');
     Route::post('migration/start', 'MigrationController@startMigration');
 
+    Route::post('one_time_token', 'OneTimeTokenController@create');
+
     Route::resource('payments', 'PaymentController'); // name = (payments. index / create / show / update / destroy / edit
     Route::post('payments/refund', 'PaymentController@refund')->name('payments.refund');
     Route::post('payments/bulk', 'PaymentController@bulk')->name('payments.bulk');