# 2. API Authentication

## Authentication API to get an accessToken

{% hint style="info" %}
We strongly recommend calling /api/v1/login on the server side to protect your API\_KEY. \
\
The accessToken has an expiration time of 60 minutes for security reasons. Make sure to retrieve the accessToken when the user initiate the onboarding process.
{% endhint %}

{% hint style="success" %}
Production URL: *<https://prod.quadrata.com/api/v1/login>*
{% endhint %}

## Authentication API to get an accessToken to pass to \<QuadClient>

<mark style="color:green;">`POST`</mark> `https://int.quadrata.com/api/v1/login`

#### Request Body

| Name                                     | Type   | Description     |
| ---------------------------------------- | ------ | --------------- |
| apiKey<mark style="color:red;">\*</mark> | String | Company API KEY |

{% tabs %}
{% tab title="200: OK JWT Access Token" %}

```json
// Example Response
{ 
   "data":  { 
          "accessToken": "<JWT_TOKEN>", 
          "type": "login"
    }
}
```

{% endtab %}
{% endtabs %}