# Authentication

## **Getting an Access Token**

To get an access token, call `POST /api/authorize/auth/` with credentials (which you've got from us) containing the email and password needed in the request body. The host address should be the API address (the one you've also got from us).

```json
{
	"credentials": {
		"email": "{{user_email}}", // your login
		"password": "{{user_password}}" // your password
	}
}
```

The successful response will return a pair of tokens:`access_token` and `expire_token`.

**access\_token** is a key that grants you access to system resources. To access a resource, you need to add your access\_token to the header.

&#x20;`headers = {‘ X-Forensic-Access-Token’: <access_token>}`

**access\_token** is time-limited, the limits depend on the account type.

* service accounts – `OZ_SESSION_LONGLIVE_TTL` (5 years by default),&#x20;
* other accounts – `OZ_SESSION_TTL` (15 minutes by default).

**expire\_token** is the token you can use to renew your access token if necessary.

### **Automatic session extension**

If the value of`expire_date` > current date, the value of current session`expire_date` is set to current date + time period that is defined as shown above (depending on the account type).&#x20;

## Token Renewal

To renew`access_token` and `expire_token`, call `POST` /`api/authorize/refresh/.` Add `expire_token` to the request body and  X-Forensic-Access-Token to the header.&#x20;

```json
{
    "expire_token": "{{expire_token}}"
}
```

<div align="left"><img src="https://2532558063-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F5g6dgsxRbyrCvB0uAf8f%2Fuploads%2FfTniB3J3bjZAZTdXd7NU%2FScreenshot_176.jpg?alt=media&#x26;token=7f6ea3a4-63b7-43dd-99df-7dceacced8f7" alt=""></div>

In case of success, you'll receive a new pair of `access_token` and `expire_token`. The "old" pair will be deleted upon the first authentication with the renewed tokens.

### Errors

| **Error code** | Error message                                                                | What caused the error                                                 |
| -------------- | ---------------------------------------------------------------------------- | --------------------------------------------------------------------- |
| 400            | Could not locate field for `key_path` `expire_token` from provided dict data | `expire_token` haven't been found in the request body                 |
| 401            | Session not found                                                            | The session with `expire_token` you have passed doesn't exist.        |
| 403            | You have not access to refresh this session                                  | A user who makes the request is not this`expire_token` session owner. |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://doc.ozforensics.com/oz-knowledge/guides/developer-guide/api/oz-api/use-cases/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.