> ## Documentation Index
> Fetch the complete documentation index at: https://docs.skortorent.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate Token

> Generates an access **token** that is required to authenticate requests
to protected APIs.

### Authentication

- Call this endpoint using **HTTP Basic Authentication**, passing your
  Modular API credentials as the username and password.

### Token Usage

- The generated token must be included as a **Bearer token** in the
  `Authorization` header when calling other protected APIs:

  **`Authorization: Bearer <token>`**

- Requests made without this header, or with an invalid or expired
  token, will be rejected.

### Security Notes

- Treat the token as a secret credential.
- Do not expose the token in client-side applications.
- If the token is suspected to be compromised, ***[contact us](mailto:info@skortorent.com)*** to
  request token revocation or rotation.




## OpenAPI

````yaml /api-reference/openapi.yaml post /keys/generate-token
openapi: 3.1.0
info:
  title: SKOR Modular API
  version: 1.0.0
  description: >
    ## Overview

    This is the SKOR Modular API v1. It provides access to tenant

    workflows, API keys, webhooks, document processing, identity

    verification, banking connectivity, and forensic analysis.


    ## Error Statuses


    The API uses standard HTTP status codes to indicate the success

    or failure of requests. Each error response provides guidance

    to help identify the issue and take corrective action.


    ### Success — `200 OK`

    The request was processed successfully and the expected response

    data is returned.


    ### Validation Error — `400 Bad Request`

    The request is invalid due to missing, malformed, or incorrect

    parameters.


    **Common causes:**

    - Required fields are missing from the request.

    - Invalid data formats or unsupported values are provided.

    - File size or payload limits are exceeded.


    **How to resolve:**

    - Verify all required parameters are present.

    - Ensure the request payload matches the documented schema.

    - Validate data formats and constraints before retrying.


    ### Unauthorized — `401 Unauthorized`

    Authentication failed or the provided token is missing or invalid.


    **Common causes:**

    - The `Authorization` header is missing.

    - An invalid or expired bearer token is provided.


    **How to resolve:**

    - Ensure the token is included in the request as an `Authorization: Bearer
    <token>` header.

    - Verify the token is valid and has not expired.

    - Generate a new token if required.


    ### Not Found — `404 Not Found`

    The requested resource does not exist or is not accessible.


    **Common causes:**

    - An invalid or non-existent resource identifier.

    - The resource has not been created or has been deleted.


    **How to resolve:**

    - Confirm the resource identifier is correct.

    - Ensure the resource exists before accessing it.


    ### Server Error — `500 Internal Server Error`

    An unexpected error occurred on the server while processing the request.


    **How to resolve:**

    - Retry the request after a short delay.

    - If the issue persists, **[contact us](mailto:info@skortorent.com)** with
    relevant request details.


    ### Need Help?

    If you encounter unexpected behavior,

    please **[contact us](mailto:info@skortorent.com)** for assistance.
servers:
  - url: https://api.skortorent.com/api/v1
    description: Live
  - url: https://dev-api.skortorent.com/api/v1
    description: Sandbox
security:
  - BearerAuth: []
paths:
  /keys/generate-token:
    post:
      tags:
        - Token
      summary: Generate Token
      description: >
        Generates an access **token** that is required to authenticate requests

        to protected APIs.


        ### Authentication


        - Call this endpoint using **HTTP Basic Authentication**, passing your
          Modular API credentials as the username and password.

        ### Token Usage


        - The generated token must be included as a **Bearer token** in the
          `Authorization` header when calling other protected APIs:

          **`Authorization: Bearer <token>`**

        - Requests made without this header, or with an invalid or expired
          token, will be rejected.

        ### Security Notes


        - Treat the token as a secret credential.

        - Do not expose the token in client-side applications.

        - If the token is suspected to be compromised, ***[contact
        us](mailto:info@skortorent.com)*** to
          request token revocation or rotation.
      responses:
        '200':
          $ref: '#/components/responses/SuccessResponse'
        '401':
          $ref: '#/components/responses/ErrorResponse'
        '500':
          $ref: '#/components/responses/ErrorResponse'
      security:
        - BasicAuth: []
components:
  responses:
    SuccessResponse:
      description: Successful response
      content:
        application/json:
          schema:
            type: object
            properties:
              status:
                type: string
                enum:
                  - success
              message:
                type: string
              data:
                type: object
    ErrorResponse:
      description: Error response
      content:
        application/json:
          schema:
            type: object
            properties:
              status:
                type: string
                enum:
                  - error
              message:
                type: string
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      description: |
        HTTP Bearer Authentication. Pass the token generated via
        `/keys/generate-token` as `Authorization: Bearer <token>`.
    BasicAuth:
      type: http
      scheme: basic
      description: |
        HTTP Basic Authentication using your Modular API credentials.
        Used exclusively to authenticate the token generation request.

````