# Generate Access Token

## Authorize Calls

## This endpoint authorizes your API calls

<mark style="color:green;">`POST`</mark> `{{baseUrl}}/auth`

#### Headers

| Name                                    | Type   | Description               |
| --------------------------------------- | ------ | ------------------------- |
| Basic<mark style="color:red;">\*</mark> | String | Basic base64(appid:rhkey) |

{% tabs %}
{% tab title="200 Success" %}

```json
{
    "status": "200",
    "logged": true,
    "data": {
        "authid": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE2OTIyNjk0NTgsImlzcyI6ImFwaS50aGVyb290c2hpdmUuY29tIiwibmJmIjoxNjkyMjY5NDU4LCJleHAiOjE2OTIyNzMwNTgsInVzZXIiOiJteXJvb3RzaGl2ZUBnbWFpbC5jb20iLCJkYXRhIjp7InhwdWIxIjoiODl0YUlGYS9WSUZ0akdQbkFHT1M5VWZkMWU2c1FiNGZLblQrUnBZYjNKTElsTHJWNExNSEwvMGs4cnZzc3U5WitMUzR2Z0dJWFgvWEQ0NVpUUDlQMVE9PSIsInhwdWIyIjoiVmlNYXFNQkxHWUE3N1dobTVxZW9YWGw5a3dTcHFNdHVySEs3aCtGRDY0MD0iLCJ4cHViMyI6IkNFR1J4T0w3RkZxUlBjTEFrcWQ0NURzdytUbTdxb3EzbW5UMFpWRU50S2o0ZnlCcTd1TXJxVjU0UGd6WGxvaHoifX0.dPTCG_Gqhu906XCV1p0Xqr8ges85A5qHdfmxCjC5UvllNyvJK1Dh8-VQ6IKFd3nmSPS910VTruK9ARFB84fTrw"
    }
}
```

{% endtab %}

{% tab title="401 Permission denied" %}

```json
{
    "status": "401",
    "logged": false,
    "data": {
        "message": "missing parameter"
    }
}

```

{% endtab %}
{% endtabs %}

{% hint style="info" %}
**Good to know:** Rootshive's core security protocol is OAuth 2.0, which authenticates API requests via associated API keys that can be managed directly from the dashboard. Rootshive provides an APPID, that is used together with a secret key to generate a basic token and a secret key that should be kept confidential and stored exclusively on the user's servers. The secret API key provides unrestricted access to Monnify's API and authorizes all API calls. In case of any suspicion of compromise, the secret key can be reset from your Rootshive dashboard.
{% endhint %}