> For the complete documentation index, see [llms.txt](https://masters-india-1.gitbook.io/ksa-e-invoicing-api/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://masters-india-1.gitbook.io/ksa-e-invoicing-api/authentication/access-tokens.md). # Access Tokens Masters India supports access-token-based authentication. After a user login request, our API generates an access\_token and a refresh token to a user after validating his credentials. ### Access Token The Access token key can be used in subsequent requests but expires after 24 hours which must be requested again by re-initiating a login or call the token-refresh API. The Access token once generated is valid for 24 hours and the refresh token is valid for many days. This token need to be passed in the subsequent requests to avoid permission issues. The key needs to be passed as a request parameter. To generate the Authorization token by clicking on the Send button. Once the Token Is generated. We need to the token in **Authorization** header with the prefix **JWT** so the token will be passed as **JWT \** ### Refresh Token This token is valid for many days upon generation. This token can be updated via the refresh-token api or when calling the login API again. Once the refresh-token API is called the current access and refresh tokens will be **invalid** so you will have to update the values in your database accordingly. It is upto the client to ensure that access and refresh tokens are frequently updated to avoid log outs during einvoice generations. ## Get Access token API ### Request Method POST ### Request Path ``` {{API_URL}}/api/v2/token-auth/ ``` ### Request Headers
ParameterValueDescription
Productideinvoicing_globalKeep as is
### Request Body | Parameter | Value | Description | | --------- | ------------ | -------------------------- | | username | sample\_user | username | | password | 1234Pass | password of the given user | ### Response Body #### 200 (OK) | Parameter | Value | Description | | -------------- | ----- | ----------------------------------- | | token | '' | access token (24 hr validity) | | refresh\_token | '' | refresh token (valid for some days) | #### 206 (Invalid Credentials) | Parameter | Value | Description | | --------- | ------------------------------------------ | ----------- | | error | "Unable to login with provided credential" | | #### 400 (Invalid Params) | Parameter | Value | Description | | --------- | ------------------ | ----------- | | username | \['missing field'] | | | | | | ## Refresh Token Update API ### Request Method POST ### Request Path ``` {{API_URL}}/api/v2/api-token-refresh/ ``` ### Request Headers
ParameterValueDescription
Productideinvoicing_globalKeep as is
Serviceonline_serviceKeep as is
### Request Body | Parameter | Value | Description | | --------- | ----- | ------------------------------------------- | | token | "" | The current **refresh token** that you have | ### Response Body #### 200 (OK) | Parameter | Value | Description | | -------------- | ----- | ----------------------------------- | | token | '' | access token (24 hr validity) | | refresh\_token | '' | refresh token (valid for some days) | #### 206 (Passing Incorrect/Invalid token) | Parameter | Value | Description | | --------- | -------------------------------------------------------- | ----------- | | error | "Incorrect token type passed'' / "Invalid Refresh token" | | **400 (Expired Refresh token)** | Parameter | Value | Description | | ------------------ | ------------------------ | ----------- | | non\_field\_errors | \["Refresh has expired"] | | --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://masters-india-1.gitbook.io/ksa-e-invoicing-api/authentication/access-tokens.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.