Get Authentication Token
Get an authentication token to access the Chronos API. This token is required for all subsequent API requests.
POST
/token/generateThis endpoint allows you to authorize API requests. The obtained token is valid for 15 days from the creation date. After that time, it is necessary to generate a new token.
Headers
| Parameter | Type | Required | Description |
|---|---|---|---|
Content-Type | string | ✅ Yes | Must be application/json |
Body Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
email | string | ✅ Yes | Email of the registered user associated with the client on the Chronos EON platform |
password | string | ✅ Yes | User password and client token provided by Chronos, separated by a colon (format: password:token) |
Examples
- cURL
- JavaScript
- Python
curl -X POST https://apisandbox.eonwms.com/token/generate \
-H "Content-Type: application/json" \
-d '{
"email": "training@chronos.mx",
"password": "thesecretwordiskadabra"
}'
const response = await fetch('https://apisandbox.eonwms.com/token/generate', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
email: 'training@chronos.mx',
password: 'thesecretwordiskadabra'
})
});
const data = await response.json();
const token = data.token;
import requests
response = requests.post(
'https://apisandbox.eonwms.com/token/generate',
json={
'email': 'training@chronos.mx',
'password': 'thesecretwordiskadabra'
}
)
data = response.json()
token = data['token']
Responses
200Success - Token generated
{
"token": "30169ed6edb2e4bd4bbf0c349b5a9d2fa1141b12726f76cd76111e46b92043f1...",
"type": "Bearer",
"expired_at": "2023-02-07"
}
401Unauthorized - Invalid credentials
{
"fault": {
"error": "unauthorized_client",
"error_description": "the credentials are not valid"
}
}
Important Notes
Token Expiration
Tokens are valid for 15 days from creation. Make sure to implement token renewal logic in your application to avoid authentication failures.
Password Format
The password field must contain your user password and the client token provided by Chronos, separated by a colon:
password:token
Example: mypassword:b03ea027d73cfdb458184541012b76c08d24353d6923c0b1dea4e2fc7d77963b
Using the Token
Once you have obtained your token, include it in all subsequent API requests using the Authorization header:
Authorization: Bearer YOUR_TOKEN_HERE
Token Storage Best Practices
- Never expose tokens in client-side code - Tokens should only be used in server-side applications
- Store tokens securely - Use environment variables or secure key management systems
- Implement token renewal - Create a mechanism to renew tokens before they expire
- Monitor token usage - Log token generation and usage for security auditing