# Authentication

## Obtain token

### Request

<mark style="color:blue;">`POST`</mark> `[base]/token/`

<table><thead><tr><th width="135">Name</th><th width="106">Type</th><th width="100">Required</th><th>Description</th></tr></thead><tbody><tr><td><code>client_id</code></td><td>string</td><td>Yes</td><td>Your API key.</td></tr><tr><td><code>client_secret</code></td><td>string</td><td>Yes</td><td>Your API secret.</td></tr></tbody></table>

#### Request example

{% tabs %}
{% tab title="cURL" %}

```sh
curl --location '{base_url}/token/' \
--header 'Content-Type: application/vnd.api+json' \
--data '{
  "data": {
    "type": "auth-token",
    "attributes": {
      "client_id": "<Your API key>",
      "client_secret": "<Your API secret>"
    }
  }
}'
```

{% endtab %}

{% tab title="Python" %}

```python
import requests

url = '[base]/token/'

headers = {
  'content-type': 'application/vnd.api+json',
}

data = {
  'data': {
    'type': 'auth-token',
    'attributes': {
      'client_id': '<Your API key>',
      'client_secret': '<Your API secret>',
    }
  }
}

requests.post(url, headers=headers, json=data)
```

{% endtab %}

{% tab title="PHP" %}

```php
<?php

use GuzzleHttp\Client;
use GuzzleHttp\Exception\RequestException;

$client = new GuzzleHttp\Client();
try {
  $res = $client->post('[base]/token/', [
    'json' => [
      'data' => [
        'type' => 'auth-token',
        'attributes' => [
          'client_id' => '<Your API key>',
          'client_secret' => '<Your API secret>',
        ],
      ],
    ],
    'headers' => [
      'Content-Type' => 'application/vnd.api+json',
    ],
  ]);
echo $res->getBody();
} catch (RequestException $e) {}
```

{% endtab %}
{% endtabs %}

### Response

<table><thead><tr><th width="231">Name</th><th width="106">Type</th><th>Description</th></tr></thead><tbody><tr><td><code>access</code></td><td>string</td><td>Your access token. It has an expiry time and after expiration should be refreshed by resending the request.</td></tr><tr><td><code>expires_in</code></td><td>number</td><td>The lifetime of the token, in seconds.</td></tr><tr><td><code>token_type</code></td><td>string</td><td>Always `"Bearer"`.</td></tr></tbody></table>

#### Response example

{% code overflow="wrap" %}

```json
{
  "data": {
    "type": "auth-token",
    "id": "0",
    "attributes": {
      "access": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjMy...",
      "expires_in": 3599,
      "token_type": "Bearer"
    }
  }
}
```

{% endcode %}

#### Response codes

<table><thead><tr><th width="134">HTTP code</th><th width="170">Description</th><th>Suggested action</th><th></th></tr></thead><tbody><tr><td><mark style="color:green;"><code>200</code></mark></td><td>OK</td><td>—</td><td></td></tr><tr><td><mark style="color:red;"><code>400</code></mark></td><td>No active account found with the given credentials</td><td>Resend the request with the correct credentials.</td><td></td></tr><tr><td><mark style="color:red;"><code>429</code></mark></td><td>Too many requests</td><td>Try again later.</td><td></td></tr><tr><td><mark style="color:red;"><code>4xx</code></mark></td><td>Incorrect request</td><td>Resend the request with the correct parameters.</td><td></td></tr><tr><td><mark style="color:red;"><code>5хх</code></mark></td><td>—</td><td>Server error</td><td>Try again later.</td></tr></tbody></table>