> ## Documentation Index
> Fetch the complete documentation index at: https://telr-docs.cashfree.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create Auth Token to Initialise the SDK

> Use this API to generate an authentication token required to initialize the Cashfree SDK. Provide your **app_id**, and product name (such as Video KYC) in the request body. The API returns an **access_token** and its expiry details.



## OpenAPI

````yaml post /oauth/token
openapi: 3.0.0
info:
  license:
    name: Apache 2.0
    url: https://www.apache.org/licenses/LICENSE-2.0.html
  contact:
    email: developers@cashfree.com
    name: API Support
    url: https://discord.com/invite/QdZkNSxXsB
  title: Cashfree Verification API's.
  version: '2023-12-18'
  description: >-
    Cashfree's Verification APIs provide different types of verification to our
    merchants.
servers:
  - description: Sandbox Server
    url: https://sandbox.cashfree.com/verification
  - description: Production Server
    url: https://api.cashfree.com/verification
security: []
tags:
  - name: Aadhaar
    description: Operations related to Aadhaar verification.
  - name: BAV V2
    description: Operations related to Bank account verification v2.
  - name: PAN
    description: Operations related to PAN verification.
  - name: Digilocker
    description: Operations related to Digilocker verification.
  - name: E-sign
    description: Operations related to E-sign verification.
  - name: Reverse Penny Drop
    description: Operations related to Reverse Penny Drop verification.
  - name: IP
    description: Operation related to IP verification.
  - name: UPI
    description: Operations related to UPI verification.
  - name: Passport
    description: Operation related to Passport verification.
  - name: CIN
    description: Operation related to CIN verification.
  - name: Name Match
    description: Operation related to Name Match verification.
  - name: PAN to GSTIN
    description: Operation related to PAN to GSTIN.
  - name: Face Match
    description: Operation related to Face Match verification.
  - name: Voter ID
    description: Operation related to Voter ID verification.
  - name: Reverse Geocoding
    description: Operation related to Reverse Geocoding.
  - name: Liveliness
    description: Operation related to Liveliness.
  - name: Vehicle RC
    description: Operation related to Vehicle RC verification.
  - name: Driving License
    description: Operation related to Driving License verification.
  - name: GSTIN
    description: Operation related to GSTIN verification.
  - name: Account Aggregator
    description: Operations related to Account aggregator.
  - name: OTPLess
    description: Operations related to OTPLess Verification.
  - name: 1-Click
    description: Operations related to 1-Click.
  - name: BharatOCR
    description: Operations related to BharatOCR.
paths:
  /oauth/token:
    post:
      tags:
        - Auth
      summary: Create Auth Token to Initialise the SDK
      description: >-
        Use this API to generate an authentication token required to initialize
        the Cashfree SDK. Provide your **app_id**, and product name (such as
        Video KYC) in the request body. The API returns an **access_token** and
        its expiry details.
      operationId: vrs-generate-auth-token
      parameters:
        - $ref: '#/components/parameters/x_cf_signature'
      requestBody:
        $ref: '#/components/requestBodies/CreateAuthRequest'
      responses:
        '200':
          $ref: '#/components/responses/AuthResponse'
        '400':
          $ref: '#/components/responses/Response400VkycRequest'
        '401':
          $ref: '#/components/responses/Response401'
        '403':
          $ref: '#/components/responses/Response403'
        '404':
          $ref: '#/components/responses/ResponseVKYCRequest404'
        '429':
          $ref: '#/components/responses/Response429'
        '500':
          $ref: '#/components/responses/Response500V2'
      security:
        - XClientID: []
          XClientSecret: []
components:
  parameters:
    x_cf_signature:
      description: Send the signature if IP is not whitelisted.
      name: x-cf-signature
      in: header
      required: false
      schema:
        type: string
      example: ''
  requestBodies:
    CreateAuthRequest:
      description: Request payload for create auth token to initialise the SDK.
      required: true
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/CreateAuthRequestSchema'
  responses:
    AuthResponse:
      description: >-
        Success response for generating an authentication token required to
        initialize the SDK.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/AuthResponseSchema'
          examples:
            Success:
              value:
                access_token: >-
                  eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
                expires_at: 2024-02-02 17:30:00 IST
    Response400VkycRequest:
      description: BadRequest
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            VKYC Request Invalid:
              value:
                type: validation_error
                code: vkyc_request_id_value_invalid
                message: Please enter a valid vkyc_request_id
            Phone Invalid:
              value:
                type: validation_error
                code: phone_value_invalid
                message: Please enter a valid phone
            Email Invalid:
              value:
                type: validation_error
                code: email_value_invalid
                message: Please enter a valid email
    Response401:
      description: Invalid client ID and client secret combination
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            Invalid client ID and client secret combination:
              value:
                type: authentication_error
                code: authentication_failed
                message: Invalid clientId and clientSecret combination
    Response403:
      description: Authentication error (IP not whitelisted)
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            IP not whitelisted:
              value:
                type: authentication_error
                code: ip_validation_failed
                message: >-
                  IP not whitelisted your current ip is 106.51.91.104.For IP
                  whitelisting assistance, visit our guide at
                  https://www.cashfree.com/docs/secure-id/get-started/integration/ip-whitelisting-verification
    ResponseVKYCRequest404:
      description: vkyc request not found
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            VKYC Reference Id not found:
              value:
                type: validation_error
                code: reference_id_not_found
                message: reference_id does not exist.
            VKYC Verification Id not found:
              value:
                type: validation_error
                code: verification_id_not_found
                message: verification_id does not exist.
    Response429:
      description: Rate limit exceed error.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            Rate limit error per operation:
              value:
                type: rate_limit_error
                code: too_many_requests_per_operation
                message: Too many requests for this operation, rate limit reached
            Rate limit error per IP:
              value:
                type: rate_limit_error
                code: too_many_requests_per_ip
                message: Too many requests from the IP, rate limit reached
    Response500V2:
      description: Internal error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponseSchema'
          examples:
            Internal Server Error:
              value:
                type: internal_error
                code: verification_failed
                message: something went wrong
  schemas:
    CreateAuthRequestSchema:
      type: object
      required:
        - vkyc_request_id
      properties:
        app_id:
          description: >-
            The OAuth App ID generated in the Merchant Dashboard for the
            specific product.
          type: string
          example: <string>
        product:
          description: The product for which the authentication token is generated.
          type: string
          example: VKYC
        metadata:
          type: object
          description: The metadata associated with the authentication token.
          properties:
            vkyc_request_id:
              description: >-
                It is the unique ID which identifies the Video KYC request and
                generated by Cashfree.
              type: number
              example: 249749
        authenticated_user:
          description: The identifier of the authenticated user.
          type: object
          properties:
            identifier_type:
              description: Attribute to identify the user.
              type: number
              example: mobile
            identifier_value:
              description: Identifier ID to identify the user.
              type: number
              example: 9909490494
    AuthResponseSchema:
      type: object
      example:
        value:
          access_token: >-
            eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
          expires_at: 2024-02-02 17:30:00 IST
      properties:
        expiry:
          type: string
          description: The expiration date and time for the access token.
          example: '2025-05-05T18:01:05+05:30'
        access_token:
          type: string
          description: It displays the the access token value.
          example: mH5tVmtwod4J9GhCXwTuygd2zRZn4pj5
    ErrorResponseSchema:
      type: object
      properties:
        code:
          type: string
          example: x-client-id_missing
        error:
          type: object
          example:
            ref_id: 102
        message:
          type: string
          example: x-client-id is missing in the request.
          description: It displays the outcome of the error.
        type:
          type: string
          example: validation_error
          description: It displays the type of error.
  securitySchemes:
    XClientID:
      type: apiKey
      in: header
      name: x-client-id
      description: >-
        Client ID. You can find your ID in the [Merchant
        Dashboard](https://telr.cashfree.com/verificationsuite/developers/api-keys).
    XClientSecret:
      type: apiKey
      in: header
      name: x-client-secret
      description: >-
        Client secret key. You can find your secret key in the [Merchant
        Dashboard](https://telr.cashfree.com/verificationsuite/developers/api-keys).

````