> ## Documentation Index
> Fetch the complete documentation index at: https://docs.coverwhale.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Authentication Token

> Request an authentication and refresh token with user credentials



## OpenAPI

````yaml post /authentication
openapi: 3.0.0
info:
  title: Cover Whale API V1
  contact:
    name: Cover Whale API Team
  version: '1.0'
servers:
  - url: https://api.coverwhale.dev/v1
security:
  - AccessToken: []
tags:
  - name: Authentication
    description: Authenticating & Interacting with the API
paths:
  /authentication:
    post:
      tags:
        - Authentication
      summary: Get Authentication Token
      description: Request an authentication and refresh token with user credentials
      operationId: authentication
      parameters:
        - name: Content-Type
          in: header
          required: true
          schema:
            type: string
          example: application/json
        - name: Accept
          in: header
          required: true
          schema:
            type: string
          example: application/json
      requestBody:
        required: true
        content:
          application/json:
            schema:
              required:
                - username
                - password
              properties:
                username:
                  type: string
                  example: j.doe@coverwhale.com
                password:
                  description: >-
                    provided user password. Password reset can be used to
                    recover account.
                  type: string
                new_password:
                  type: string
                refresh_token:
                  description: Can be combined with username to generate new AccessTokens.
                  type: string
              type: object
      responses:
        '200':
          description: Authentication Success
          content:
            application/json:
              schema:
                properties:
                  AccessToken:
                    description: Access Token, used for API calls.
                    type: string
                  RefreshToken:
                    description: Refresh Token, used for re-authentication.
                    type: string
                  ExpiresIn:
                    description: Halflife for active AccessToken.
                    type: integer
                    example: '3600'
                type: object
        '400':
          description: Authentication Error
          content:
            application/json:
              schema:
                properties:
                  Error:
                    description: >-
                      Auth Error, bad username or password. If password expired
                      please use reset enpoint.
                    type: string
                    example: 'Auth Error: Incorrect username or password.'
                type: object
components:
  securitySchemes:
    AccessToken:
      type: apiKey
      description: >-
        AWS Cognito access token obtained from the /authentication endpoint.
        Token expires after 3600 seconds.
      name: AccessToken
      in: header

````