Access Tokens
This page shows how to get the authentication credentials using the access token and refresh token policies.
Masters India supports access-token-based authentication. After a user login request, our API generates an access_token and a refresh token to a user after validating his credentials.
Access Token
The Access token key can be used in subsequent requests but expires after 24 hours which must be requested again by re-initiating a login or call the token-refresh API. The Access token once generated is valid for 24 hours and the refresh token is valid for many days. This token need to be passed in the subsequent requests to avoid permission issues.
The key needs to be passed as a request parameter. To generate the Authorization token by clicking on the Send button. Once the Token Is generated. We need to the token in Authorization header with the prefix JWT so the token will be passed as JWT <token>
Refresh Token
This token is valid for many days upon generation. This token can be updated via the refresh-token api or when calling the login API again. Once the refresh-token API is called the current access and refresh tokens will be invalid so you will have to update the values in your database accordingly. It is upto the client to ensure that access and refresh tokens are frequently updated to avoid log outs during einvoice generations.
Get Access token API
Request Method
POST
Request Path
Request Headers
| Parameter | Value | Description |
|---|---|---|
Productid | einvoicing_global | Keep as is |
Request Body
| Parameter | Value | Description |
|---|---|---|
username | sample_user | username |
password | 1234Pass | password of the given user |
Response Body
200 (OK)
| Parameter | Value | Description |
|---|---|---|
token | '' | access token (24 hr validity) |
refresh_token | '' | refresh token (valid for some days) |
206 (Invalid Credentials)
| Parameter | Value | Description |
|---|---|---|
error | "Unable to login with provided credential" |
400 (Invalid Params)
| Parameter | Value | Description |
|---|---|---|
username | ['missing field'] | |
Refresh Token Update API
Request Method
POST
Request Path
Request Headers
| Parameter | Value | Description |
|---|---|---|
Productid | einvoicing_global | Keep as is |
Service | online_service | Keep as is |
Request Body
| Parameter | Value | Description |
|---|---|---|
token | "" | The current refresh token that you have |
Response Body
200 (OK)
| Parameter | Value | Description |
|---|---|---|
token | '' | access token (24 hr validity) |
refresh_token | '' | refresh token (valid for some days) |
206 (Passing Incorrect/Invalid token)
| Parameter | Value | Description |
|---|---|---|
error | "Incorrect token type passed'' / "Invalid Refresh token" |
400 (Expired Refresh token)
| Parameter | Value | Description |
|---|---|---|
non_field_errors | ["Refresh has expired"] |
Last updated