> ## Documentation Index > Fetch the complete documentation index at: https://docs.pipevest.com/llms.txt > Use this file to discover all available pages before exploring further. # Create Auth Token > Creates an authentication token ## OpenAPI ````yaml api-reference/openapi.yaml post /oauth/token openapi: 3.0.0 info: title: Pipevest Investment API description: Connecting millions of Africans to the global economy version: 0.0.1 servers: - url: https://api.pipevest.com/v1 description: Production server - url: https://api.staging.pipevest.com/v1 description: Staging server security: - BearerAuth: [] paths: /oauth/token: parameters: - $ref: '#/components/parameters/Signature' - $ref: '#/components/parameters/SignatureInput' - $ref: '#/components/parameters/XIdempotencyKey' post: tags: - Auth summary: Returns an access token parameters: - $ref: '#/components/parameters/ContentDigest' requestBody: description: Details used to create a customer within the system required: true content: application/x-www-form-urlencoded: schema: $ref: '#/components/schemas/CreateAuthToken' responses: '201': description: Details of the access token content: application/json: schema: $ref: '#/components/schemas/Auth' examples: success: summary: Successful authentication value: message: Authentication successful tokenId: ffdcf324-5d27-4289-b626-386979e50bae token: >- eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdhbml6YXRpb25JZCI6ImNtaGx5MXkxbzAwMDJzNjAxY2Y2aXRocm8iLCJjbGllbnRJZCI6Im9yZ19kZGE4MzcxY2U5ZmUxZGEyYmE3OThjZGVkMWU1NjRjYSIsIm9yZ2FuaXphdGlvbk5hbWUiOiJNYWNlamtvdmljLCBEb25uZWxseSBhbmQgS3VobG1hbiIsImlhdCI6MTc2Mjc4Mjk2MSwiZXhwIjoxNzYyNzg2NTYxLCJhdWQiOiJvcmdhbml6YXRpb24tcG9ydGFsIiwiaXNzIjoib3JnYW5pemF0aW9uLWFwaSIsImp0aSI6ImZmZGNmMzI0LTVkMjctNDI4OS1iNjI2LTM4Njk3OWU1MGJhZSJ9.dIq1_o5fCvTdLcQV9NhtN5CQ7qWHUzJt1903E_8t3aA expiresIn: 3600 maxTTL: 86400 tokenType: Bearer scope: - READ - WRITE trustedIps: [] organization: id: cmhly1y1o0002s601cf6ithro name: Macejkovic, Donnelly and Kuhlman clientId: org_dda8371ce9fe1da2ba798cded1e564ca createdAt: 1762782961 updatedAt: 1762782961 '401': $ref: '#/components/responses/Unauthorized' '404': $ref: '#/components/responses/NotFound' security: [] components: parameters: Signature: in: header name: Signature schema: type: string example: 'sig1=:OTEyMjY4...A5NTNDMEQ=:' description: > Base64 encoded signed hash of the http message request components. [Learn how signatures work](/concepts/http-signature/message-signature) required: true SignatureInput: in: header name: Signature-Input schema: type: string example: sig1=("Content-Type" "Content-Digest"...expires= description: > An ordered list of components that make up the signature base. It is used to recompute and verify the `Signature` [Learn how signatures work](/concepts/http-signature/message-signature) required: true XIdempotencyKey: in: header name: X-Idempotency-Id schema: type: string example: 01937261-e216-754f-99ba-c1170d65dd28 description: > Unique identifier passed into each a mutable request (i.e `POST`, `PUT`, `PATCH`, `DELETE`) This key isn't not required for `GET` requests required: true ContentDigest: in: header name: Content-Digest schema: type: string example: 'sha-512=:RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:' description: > Base64 encoded sha-512 hash of the http message body. This key isn't not required for `GET` and `DELETE` requests. [Learn how to generate content digest](/concepts/http-signature/content-digest) required: true schemas: CreateAuthToken: type: object properties: clientId: $ref: '#/components/schemas/ClientId' clientSecret: $ref: '#/components/schemas/ClientSecret' required: - clientId - clientSecret Auth: type: object description: Details of the authenticated token request properties: message: type: string description: Authentication response message example: Authentication successful tokenId: type: string description: Unique token identifier example: ffdcf324-5d27-4289-b626-386979e50bae token: type: string description: JWT access token example: >- eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdhbml6YXRpb25JZCI6ImNtaGx5MXkxbzAwMDJzNjAxY2Y2aXRocm8iLCJjbGllbnRJZCI6Im9yZ19kZGE4MzcxY2U5ZmUxZGEyYmE3OThjZGVkMWU1NjRjYSIsIm9yZ2FuaXphdGlvbk5hbWUiOiJNYWNlamtvdmljLCBEb25uZWxseSBhbmQgS3VobG1hbiIsImlhdCI6MTc2Mjc4Mjk2MSwiZXhwIjoxNzYyNzg2NTYxLCJhdWQiOiJvcmdhbml6YXRpb24tcG9ydGFsIiwiaXNzIjoib3JnYW5pemF0aW9uLWFwaSIsImp0aSI6ImZmZGNmMzI0LTVkMjctNDI4OS1iNjI2LTM4Njk3OWU1MGJhZSJ9.dIq1_o5fCvTdLcQV9NhtN5CQ7qWHUzJt1903E_8t3aA expiresIn: $ref: '#/components/schemas/AccessTokenExpiresIn' maxTTL: $ref: '#/components/schemas/AccessTokenMaxTTL' tokenType: type: string description: Token type example: Bearer scope: type: array description: Authorization scopes associated with token items: type: string enum: - READ - WRITE example: - READ - WRITE trustedIps: $ref: '#/components/schemas/TrustedIpAddresses' organization: $ref: '#/components/schemas/Organization' createdAt: $ref: '#/components/schemas/CreatedAt' updatedAt: $ref: '#/components/schemas/UpdatedAt' required: - message - tokenId - token - expiresIn - maxTTL - tokenType - scope - trustedIps - organization - createdAt - updatedAt ClientId: description: Unique identifier assigned to the client type: string example: client-id ClientSecret: description: Private passcode shared with the client type: string example: client-secret AccessTokenExpiresIn: description: A token's current TTL type: integer example: 123 AccessTokenMaxTTL: description: A token's max time to TTL type: integer example: 123 TrustedIpAddresses: description: The list of ip addresses whitelisted for this client type: array items: $ref: '#/components/schemas/TrustedIpAddress' Organization: type: object description: Organization details associated with the token properties: id: type: string description: Unique organization identifier example: cmhly1y1o0002s601cf6ithro name: type: string description: Organization name example: Macejkovic, Donnelly and Kuhlman clientId: type: string description: Organization client identifier example: org_dda8371ce9fe1da2ba798cded1e564ca required: - id - name - clientId CreatedAt: description: Created at unix timestamp type: integer example: 1234567890 UpdatedAt: description: Updated at unix timestamp type: integer example: 1234567890 Error: type: object properties: code: allOf: - $ref: '#/components/schemas/ResponseCode' - example: 401 message: allOf: - $ref: '#/components/schemas/ResponseMessage' - example: Unauthorized required: - code - message TrustedIpAddress: description: An ip address whitelisted for this client type: string example: 123.123.123.123 ResponseCode: description: Request response code type: string example: 200 ResponseMessage: description: Request response message type: string example: Success responses: Unauthorized: description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/Error' NotFound: description: The specified resource was not found content: application/json: schema: allOf: - $ref: '#/components/schemas/Error' - type: object properties: code: type: string example: 404 message: type: string example: Not Found securitySchemes: BearerAuth: type: http scheme: bearer ````