> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cairhealth.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Auth Token

> Generates authentication tokens for a client using clientId and clientSecret.

This endpoint as well as `/api/refresh` will be used in tandem to provide authentication to all of our public endpoints.
These endpoints require your `clientId` and `clientSecret` which can be found in your <a href="https://forecaster.cairhealth.com/admin-panel">admin panel</a>.


## OpenAPI

````yaml POST /api/token
openapi: 3.1.0
info:
  title: Cair Health APIs
  description: APIs for the Cair Health platform
  license:
    name: MIT
  version: 1.0.0
servers:
  - url: https://forecaster.cairhealth.com
security:
  - bearerAuth: []
paths:
  /api/token:
    post:
      description: >-
        Generates authentication tokens for a client using clientId and
        clientSecret.
      requestBody:
        description: Client credentials for authentication
        content:
          application/json:
            schema:
              type: object
              properties:
                clientId:
                  type: string
                  description: The client ID of the organization
                clientSecret:
                  type: string
                  description: The client secret of the organization
              required:
                - clientId
                - clientSecret
            example:
              clientId: xxxxx-xxxxxx-xxxxxxx
              clientSecret: xxxxx-xxxxxx-xxxxxxx
        required: true
      responses:
        '200':
          description: Authentication tokens generated successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  accessToken:
                    type: string
                    description: Access token to use in your API request
                  refreshToken:
                    type: string
                    description: Refresh token to refresh your access token
                  expiresAt:
                    type: string
                    format: date-time
                    description: Date and timestamp at which the access token will expire
                  refreshTokenExpiresAt:
                    type: string
                    format: date-time
                    description: Date and timestamp at which the refresh token will expire
              example:
                accessToken: xxxxxxxxxxxxx.xxxxxxxx
                refreshToken: xxxxxxxxxxxxx.xxxxxxxx
                expiresAt: '2025-03-24T18:38:47.781Z'
                refreshTokenExpiresAt: '2025-03-25T18:28:47.781Z'
        '401':
          description: Invalid credentials provided
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
      security: []
components:
  schemas:
    Error:
      type: object
      properties:
        message:
          type: string
          description: Error message
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT

````