Product DocsWebsite

Access Tokens

This page shows how to get the authentication credentials using the access token and refresh token policies.

Masters India supports access-token-based authentication. After a user login request, our API generates an access_token and a refresh token to a user after validating his credentials.

Access Token

The Access token key can be used in subsequent requests but expires after 24 hours which must be requested again by re-initiating a login or call the token-refresh API. The Access token once generated is valid for 24 hours and the refresh token is valid for many days. This token need to be passed in the subsequent requests to avoid permission issues.

The key needs to be passed as a request parameter. To generate the Authorization token by clicking on the Send button. Once the Token Is generated. We need to the token in Authorization header with the prefix JWT so the token will be passed as JWT <token>

Refresh Token

This token is valid for many days upon generation. This token can be updated via the refresh-token api or when calling the login API again. Once the refresh-token API is called the current access and refresh tokens will be invalid so you will have to update the values in your database accordingly. It is upto the client to ensure that access and refresh tokens are frequently updated to avoid log outs during einvoice generations.

Get Access token API

Request Method

POST

Request Path

{{API_URL}}/api/v2/token-auth/

Request Headers

Parameter
Value
Description

Productid

einvoicing_global

Keep as is

Request Body

Parameter
Value
Description

username

sample_user

username

password

1234Pass

password of the given user

Response Body

200 (OK)

Parameter
Value
Description

token

''

access token (24 hr validity)

refresh_token

''

refresh token (valid for some days)

206 (Invalid Credentials)

Parameter
Value
Description

error

"Unable to login with provided credential"

400 (Invalid Params)

Parameter
Value
Description

username

['missing field']

Refresh Token Update API

Request Method

POST

Request Path

{{API_URL}}/api/v2/api-token-refresh/

Request Headers

Parameter
Value
Description

Productid

einvoicing_global

Keep as is

Service

online_service

Keep as is

Request Body

Parameter
Value
Description

token

""

The current refresh token that you have

Response Body

200 (OK)

Parameter
Value
Description

token

''

access token (24 hr validity)

refresh_token

''

refresh token (valid for some days)

206 (Passing Incorrect/Invalid token)

Parameter
Value
Description

error

"Incorrect token type passed'' / "Invalid Refresh token"

400 (Expired Refresh token)

Parameter
Value
Description

non_field_errors

["Refresh has expired"]

PreviousAuthenticationNextAPI KEY

Last updated