# API Authorization
Authorization methods are located in User-service.
{% content-ref url="/pages/-LuUmX-1A1Kf56uZIEPl" %}
[Broken mention](broken://pages/-LuUmX-1A1Kf56uZIEPl)
{% endcontent-ref %}
{% hint style="danger" %}
**VERY IMPORTANT! Read it carefully:**
Almost all responses contain DeviceToken, AccessToken and RefreshToken. We are currently in transition period of moving to a new platform. The existing platform already operates both with DeviceToken and AccessToken. We strongly recommend to store all three tokens to smoothly switch between platforms in the nearest future.\
\
After registration you will receive accessToken with JWT and refreshToken. Use JWT token for user's authorized requests. JWT token has a lifetime. After this period - it expires. When your JWT token is expired you should refresh your token.\
\
Here you can find information about how JWT works: \
\
We will support the old platform till November 01, 2021 and keep inform all our clients about progress and required steps.
{% endhint %}
{% hint style="warning" %}
To get and manage data of individual user you need to authorize with user's deviceToken (or JWT token in some cases), user's InstanceID and InstanceKey.\
\
To get and manage consolidated and accumulated data of user groups and all other users separately from your back-end, you need to authorize in API as admin with API Authorization Credentials.
{% endhint %}
## Authorization Types
| **API Services with authorization required** | **Authorization type** | **How to authorize in API** |
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| | Authorize as User | InstanceID: User Group InstanceID
Login: User DeviceToken
Password: User Group InstanceKEY
|
| | Authorize as Admin with API Authorization Credentials | InstanceID: API InstanceID
Login: API Login
Password: API Password
|
## API Authorization Credentials
Please, follow to your **Management** page in **DataHub** and generate **API Authorization Credentials**. Use provided credentials to get access to API.\
\&#xNAN;*If you do not have access to Management page - please, ask your colleague with a Company Access to DataHub to provide you with these credentials.*
## Authorization
`POST` `https://user.telematicssdk.com/v1/Auth/Login`
The method allows to log into API and get access to sensitive information\
\
**Authorization**: Allow Anonymous
#### Headers
| Name | Type | Description |
| ---------- | ------ | ----------------------------------------- |
| InstanceID | string | User Group Instance ID or API Instance ID |
#### Request Body
| Name | Type | Description |
| ----------- | ------ | --------------------------------------- |
| LoginFields | string | User deviceToken or API Login |
| Password | string | User group Instance Key or API Password |
{% tabs %}
{% tab title="200 " %}
```
{
"Result": {
"DeviceToken": "String",
"AccessToken": {
"Token": "String",
"ExpiresIn": 1209600 // milliseconds
},
"RefreshToken": "String"
},
"Status": 200,
"Title": "",
"Errors": []
}
```
{% endtab %}
{% endtabs %}
### Format of body request
#### Authorize as user
```
{
"LoginFields": {deviceToken: "deviceToken"},
"Password": "InstanceKEY"
}
```
#### Authorize as Admin with API Authorisation Credentials
```
Authorize as Admin with API Authorization Credentials
{
"loginFields": {"Email":"4DED@auth.me"},
"password": "Password"
}
```
### curl Request:
{% tabs %}
{% tab title="Curl request" %}
```
curl -X POST “
https://user.telematicssdk.com/v1/Auth/Login”
-H “accept: /” -H “InstanceId: “String” -H “InstanceKey: “String” -H “Content-Type: application/json-patch+json” -d “{\“loginFields\“:{\“Email\“:\“myemail@mydomain.com\“},\“password\“:\“P@ssword\“}”
```
{% endtab %}
{% endtabs %}
curl -X POST “ -H “accept: */*” -H “InstanceId: “String” -H “InstanceKey: “String” -H “Content-Type: application/json-patch+json” -d “{\“loginFields\“:{\“Email\“:\“\“},\“password\“:\“P\@ssword\“}”
{% hint style="danger" %}
Once you Log in and get credentials for further actions you have to be authorized. Please use Open Auth authorization.
Use **`"Authorization": "Bearer {Token}" // required`** in header for any method when authorization required.\
{Token} - the JWT token that you get in /v1/Auth/Login response method.
Please be informed, that the accesstoken expires every 2 hours. You have to update it every 2 hours using [refresh token and method **POST /v1/Auth/RefreshToken**](broken://pages/-M2csOnXplLLP_8T_7pd)
**We recommend keeping both AccessToken and Refresh token and set a schedule to refresh AccessToken to get seamless access to telematics platform, APIs and services**
{% endhint %}
{% content-ref url="/pages/-M2csOnXplLLP\_8T\_7pd" %}
[Broken mention](broken://pages/-M2csOnXplLLP_8T_7pd)
{% endcontent-ref %}
## Authorization via Swagger
Swagger:
### Login
#### Request
{% hint style="info" %}
Please have API's InstanceID ready
{% endhint %}
#### Response
```
{
"Result": {
"DeviceToken": "String",
"AccessToken": {
"Token": "String",
"ExpiresIn": 1209600
},
"RefreshToken": "String"
},
"Status": 200,
"Title": "",
"Errors": []
}
```
### Autorization
Please add Bearer JWT to authorization form.
{% hint style="danger" %}
Make sure you used a proper format value.
{% endhint %}
#### Example of format
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJiOTA5MDNkZi1iOWExLTQ3MzQtOWI1Yi02MDJkZGFiNmYwNmUiLCJqdGkiOiIzOGEyZmZmNi1kNmVkLTRjZGItOTRjMi1mOTk5NzIzYWUyYzMiLCJpYXQiOjE1ODQ0NTQ1MDcsIkFwcGxpY2F0aW9uSWQiOiIyMSIsIkRhdGFIdWJFbWFpbCI6ImFuZHJpeS50dXBjaGllbmtvQHJheGVsdGVsZW1hdGljcy5jb20iLCJJbnN0YW5jZUlkIjoiYThlN2I3M2YtNTA4Yi00OWNlLWFmNTItNGMwZTYwNzAxMTM2IiwiSW5zdGFuY2VLZXkiOiI2MjY5N2RiNi0xZjA1LTRlYmMtOTYzMC1iODg3MmIxNDJlMTIiLCJEZXZpY2VUb2tlbiI6ImI5MDkwM2RmLWI5YTEtNDczNC05YjViLTYwMmRkYWI2ZjA2ZSIsIkNvbXBhbnlJZCI6IjM5IiwiSXNEYXRhSHViVXNlciI6IlRydWUiLCJuYmYiOjE1ODQ0NTQ1MDcsImV4cCI6MTU4NTY2NDEwNywiaXNzIjoid2ViQXBpIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MTM3NCJ9.Cy2c\_FowBg4Ts1aPsKILn5-uI8NcY9dVIB4w9f8a8rY
{% hint style="danger" %}
For security purpose the API will accept any value with no error message. However, if you use incorrect value, you won't be able to get information from sensitive API.
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs-old.telematicssdk.com/user-statistics-and-analytics/authentication.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.