Generate an access token by providing your Account ID and App Secret. The token is required for all subsequent API requests.
Tokens expire after 600 seconds (10 minutes). Refresh before expiry using GET /auth/refresh-token.
Request body
Your Yativo Account ID. Found in your dashboard under Settings → Account.
Your App Secret generated from Dashboard → Developer → API Key. Keep this confidential and never expose it in client-side code.
curl -X POST 'https://api.yativo.com/api/v1/auth/login' \
-H 'Content-Type: application/json' \
-d '{
"account_id": "your-account-id",
"app_secret": "your-app-secret"
}'
const response = await fetch('https://api.yativo.com/api/v1/auth/login', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
account_id: process.env.YATIVO_ACCOUNT_ID,
app_secret: process.env.YATIVO_APP_SECRET,
}),
});
const { data } = await response.json();
const token = data.access_token;
{
"status": "success",
"status_code": 200,
"message": "Authentication successful",
"data": {
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9...",
"token_type": "bearer",
"expires_in": 600
}
}
{
"status": "error",
"status_code": 401,
"message": "Invalid credentials",
"data": null
}
Refresh Token
Refresh an expiring token without re-authenticating with your credentials:
curl -X GET 'https://api.yativo.com/api/v1/auth/refresh-token' \
-H 'Authorization: Bearer YOUR_CURRENT_ACCESS_TOKEN'
{
"status": "success",
"status_code": 200,
"message": "Request successful",
"data": {
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9...",
"expires_in": 600
}
}