# Authentication

To authenticate, the user must provide credentials from Auth0. We assign the necessary permissions to ensure secure access to our APIs. <br>

1. Log in with a given username and password.

To log in, users authenticate by providing valid Auth0 credentials (username and password). Upon successful authentication, an access token, refresh token, and ID token will be provided in the response. The access token is used for accessing other APIs, while the refresh token allows users to obtain a new access token without further interaction.

* **POST** `/api/v1/auth/login`

**Request**

```json
{
    "username": "your_username",
    "password": "password"
}
```

**Response**

**200 OK**

```json
{
    "access_token": "eyJhbGciOi...W5Aq_PT-aHS4zfDWKVdhTuIC081TfyW8A",
    "refresh_token": "iCBG8_QvW...17aUv5",
    "id_token": "eyJhbGciOiJSUzI1NiI...3BruaGMzqgc6N0OgnrLFpmsx4i8g",
    "scope": "openid profile email address phone offline_access",
    "expires_in": 2592000,
    "token_type": "Bearer"
}

```

**Note**\
The `/api/v1/auth/login` endpoint does not require an access token or Bearer authorization header. Authentication is performed using the provided user credentials only.\
\
2\. Request a new access token using the refresh token obtained during login.

To request a new access token using the refresh token obtained during login, send a request with the refresh token. Upon successful verification, a new access token and ID token will be provided in the response.

<table data-header-hidden><thead><tr><th width="193"></th><th></th></tr></thead><tbody><tr><td><strong>Name</strong></td><td><strong>Description</strong></td></tr><tr><td>Bearer Token</td><td>[<strong>Required</strong>] The access token can be used to renew and utilize the refresh token.</td></tr></tbody></table>

**Request**

```json
{
    "refreshToken": "iCBG8_QvWq1...mD917aUv5"
}
```

**Response**

```json
{
    "access_token": "eyJhbGciOiJSUzI1NiIsIn...opG2Of3PMT0wtmvad5JpFseBB_7ZmA",
    "id_token": "eyJhbGciOiJSUzI1NiIsInR...yJ4Wko-QM0Dkw",
    "scope": "openid profile email address phone offline_access",
    "expires_in": 2592000,
    "token_type": "Bearer"
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://freename-1.gitbook.io/freename-apis/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.