# Generating an authentication token Before calling other endpoints, you need to generate an Authorization Bearer token. To retrieve your token, simply send your account credentials as body parameters. This works just like logging into the Personr platform, but instead of being redirected to your dashboard, you will receive a token that allows you to authenticate and call other endpoints. This token has a lifetime of 1 year, and is invalidated whenever a new token is generated. The token is attached to the user credentials it was created with and as such it is recommended to create a service account for applications and use those credentials for token generation. *** ## Generate a bearer token `POST` `/api-token-generate` Generate a token for use with other endpoints. **Header** | Name | Value | | ------------ | --------------------- | | Content-Type | `multipart/form-data` | **Body** | Name | Type | Description | | ---------- | ------ | ---------------------------------------------------- | | `email` | string | The email you use to login to the Personr account | | `password` | string | The password you use to login to the Personr account | #### Request {% tabs %} {% tab title="cURL" %} ```sh curl --location 'https://enterprise.personr.co/api/1.1/wf/api-token-generate' \ --form 'email="example@personr.co"' \ --form 'password="example123"' ``` {% endtab %} {% tab title="Node.js" %} ```javascript var axios = require('axios'); var FormData = require('form-data'); var data = new FormData(); data.append('email', 'example@personr.co'); data.append('password', 'example123'); var config = { method: 'post', maxBodyLength: Infinity, url: 'https://enterprise.personr.co/api/1.1/wf/api-token-generate', headers: { ...data.getHeaders() }, data : data }; axios(config) .then(function (response) { console.log(JSON.stringify(response.data)); }) .catch(function (error) { console.log(error); }); ``` {% endtab %} {% tab title="Javascript" %} ```javascript var form = new FormData(); form.append("email", "example@personr.co"); form.append("password", "example123"); var settings = { "url": "https://enterprise.personr.co/api/1.1/wf/api-token-generate", "method": "POST", "timeout": 0, "processData": false, "mimeType": "multipart/form-data", "contentType": false, "data": form }; $.ajax(settings).done(function (response) { console.log(response); }); ``` {% endtab %} {% tab title="Ruby" %} ```ruby require "uri" require "net/http" url = URI("https://enterprise.personr.co/api/1.1/wf/api-token-generate") https = Net::HTTP.new(url.host, url.port) https.use_ssl = true request = Net::HTTP::Post.new(url) form_data = [['email', 'example@personr.co'],['password', 'example123']] request.set_form form_data, 'multipart/form-data' response = https.request(request) puts response.read_body ``` {% endtab %} {% tab title="Python" %} ```python import requests url = "https://enterprise.personr.co/api/1.1/wf/api-token-generate" payload={'email': 'example@personr.co', 'password': 'example123'} files=[ ] headers = {} response = requests.request("POST", url, headers=headers, data=payload, files=files) print(response.text) ``` {% endtab %} {% endtabs %} **Response** {% tabs %} {% tab title="200" %} ```json { "status": "success", "response": { "token": "bus|4242424242424x424242424242424242|4343434343434x434343434343434343", "user_id": "4242424242424x424242424242424242", "expires": 31536000 } } ``` {% endtab %} {% tab title="400" %} ```json { "statusCode": 400, "reason": "INVALID_LOGIN_CREDENTIALS", "message": "We didn’t find an account with those login credentials", } ``` {% endtab %} {% endtabs %} In the response, you'll receive: * The bearer token * The unique user id * The expiration time of your token, expressed in seconds. {% hint style="info" %} Remember to include your token in the header of every subsequent API call, in the format **Authorization: Bearer YOUR\_TOKEN** {% endhint %} {% hint style="info" %} Don't forget to set up a workflow to renew your token before it expires. {% endhint %}