iPOSpays Authentication Token API ## Sections • [iPOSpays Authentication Token API](https://app.theneo.io/dejavoo/ipospays-authentication-token-api/new-section-2.md): This guide explains how to generate and refresh an authentication token used to securely interact with iPOSpays APIs. The token must be included in the request header when calling any protected endpoints such as payments, refunds, or transaction status APIs. Generate Auth Token Purpose Use this endpoint to generate a new JWT-based access token using your API Key, Secret Key, and Scope. The apiKey and secretKey are issued by iPOSpays. If you do not have these credentials, contact your Dejavoo representative or email support@dejavoo.io . These keys are required for authentication and must be used along with the appropriate scope, which defines what type of access the token will authorize (e.g., transactions, batch reports, or card lookups). End Points Sandbox URL : https://auth.ipospays.tech/v1/authenticate-token Production URL : https://auth.ipospays.com/v1/authenticate-token • [Auth Token Error Responses](https://app.theneo.io/dejavoo/ipospays-authentication-token-api/new-section-2/auth-token-error-responses.md) • [Refresh Auth Token](https://app.theneo.io/dejavoo/ipospays-authentication-token-api/new-section-2/refresh-auth-token.md): Purpose Use this endpoint to refresh your existing token before it expires. Tokens typically have a short lifespan for security purposes. End Points Sandbox URL : https://auth.ipospays.tech/v1/refresh-token Production URL : https://auth.ipospays.com/v1/refresh-token The generated token used for transactions remains valid for 24 hours. Make sure to refresh the token daily before initiating any transactions. • [Refresh Token Error Responses](https://app.theneo.io/dejavoo/ipospays-authentication-token-api/new-section-2/refresh-auth-token/refresh-token-error-responses.md): Always keep your API Key and Secret Key confidential. Ensure tokens are refreshed before expiration to avoid authentication errors. Use only authorized scopes based on your integration level (e.g., PaymentTokenization).