# /token/obtain

#### Endpoint

```http
https://be.progeny.tech/api/v3/accounts/token/obtain/
```

#### Purpose

Allows you to exchange the username and password provided by Progeny, for an access token and refresh token.

To access API endpoints that require authentication, you should include the access token in the header of all requests. 

#### Sample request and response

## Exchange username and password for a token

<mark style="color:green;">`POST`</mark> `https://be.progeny.tech/api/v3/accounts/token/obtain/`

#### Request Body

| Name                                       | Type   | Description                      |
| ------------------------------------------ | ------ | -------------------------------- |
| username<mark style="color:red;">\*</mark> | String | The username provided by Progeny |
| password<mark style="color:red;">\*</mark> | String | The password provided by Progeny |

{% tabs %}
{% tab title="200: OK Success" %}

```javascript
{
    "refresh": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTY0OTg3MzI0NywianRpIjoiN2YxZjBjNWFhNWNmNGY1NTg5ZWQ0NGMzYWRjZjRmZmEiLCJ1c2VyX2lkIjo0MX0.7sN29T5abguGOGR3dmwxNfVJZcMxE9qDSxFcYXIKYEc",
    "access": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjQ4NjYzOTQ3LCJqdGkiOiJhMjg3MmQ4ZmIzY2Y0NTVkYWE3ZmRiMWVmZmZjM2UzZSIsInVzZXJfaWQiOjQxfQ.L4GXorALzmFOuu-NnyumEY7SbQum4kCdAQJ3QolGbqc"
}
```

{% endtab %}

{% tab title="401: Unauthorized Unauthorized" %}

```javascript
{
    "detail": "No active account found with the given credentials"
}
```

{% endtab %}

{% tab title="400: Bad Request Bad request" %}

```javascript
{
    "password": [
        "This field is required."
    ]
}
```

{% endtab %}
{% endtabs %}

The "access" token used to make API calls is only valid for five minutes.  To obtain a new access token without having to re-enter username/password, use the  /refresh endpoint.

## Get a new access token

<mark style="color:green;">`POST`</mark> `https://be.progeny.tech/api/v3/accounts/token/refresh/`

#### Request Body

| Name                                      | Type   | Description                    |
| ----------------------------------------- | ------ | ------------------------------ |
| refresh<mark style="color:red;">\*</mark> | String | The refresh value from /obtain |

{% tabs %}
{% tab title="200: OK Success" %}

```javascript
{
    "access": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjQ4NjY0NTQzLCJqdGkiOiI3YjkwYTgwMWU2ZGI0OTY4YTJmYTc3NmI1NmUzNDJkMCIsInVzZXJfaWQiOjQxfQ.-FPwOlMLX4WqGsJmmeY74F9R7EldudpvNnxO65hyeTw",
    "refresh": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTY0OTg3Mzg0MywianRpIjoiZGY2YTdhNmViMTlkNGE5YWE1ZTg1NTAwZWMwMDYyNGMiLCJ1c2VyX2lkIjo0MX0.FKJnVtXGyWu5_5s4TAHOuoF0iW8TmDe-Chcnt4XcWq0"
}
```

{% endtab %}

{% tab title="401: Unauthorized Unauthorized" %}

```javascript
{
    "detail": "Token is invalid or expired",
    "code": "token_not_valid"
}
```

{% endtab %}
{% endtabs %}