AuthMe
  1. Generate Token
AuthMe
  • Getting Started
  • User Identities
    • Create Identity
      POST
    • Retrieve an Identity
      POST
    • Generate Param
      POST
    • User identification
      POST
    • Login user
      POST
    • Login legacy user
      POST
    • Authenticate user by param
      POST
    • User remember-me
      POST
    • User renovate-token
      POST
    • User associate-user-device
      POST
    • Generates token when user navigates between applications
      POST
    • Generates an Access token
      POST
    • Renew Token
      POST
    • Create password
      POST
    • Change Password
      POST
    • Reset password
      POST
    • Get Identities from user
      GET
    • Remove Identity
      DELETE
    • Updates specific identity attributes
      PATCH
    • Provision logon in mainframe
      POST
    • Lock an user credential
      POST
    • Unlock an user credential
      POST
    • Remove Identity
      DELETE
    • Add Identity
      PATCH
    • Leverage MFA
      POST
    • Fulfill MFA
      POST
    • Generate token to login with digital certificate
      POST
    • Authenticate with digital certificate
      POST
    • Generate a renew app token based on SAML integration informed data
      POST
    • Associate legacy logon by email
      POST
    • Associate legacy logon by mobile
      POST
    • Complete Associate legacy logon
      POST
    • Retrieve a legacy identity
      POST
    • Reset a legacy identity
      POST
    • Add alternative contacts to use on MFA process
      POST
    • Retrieve all user authentication factors
      GET
    • Update an alternative contact to use on MFA process
      PUT
    • Delete an alternative contact
      DELETE
    • Send a token to an authentication factor
      POST
    • Validate a Token previously sent to an authentication factor.
      POST
    • Grant Auth Smart Role
      POST
    • Login using federated accounts
      POST
    • Add alternative contacts to use on MFA process
      POST
    • Partial update to alternative contact to use on MFA process with adminstrative roles.
      PATCH
    • Delete an alternative contact with administrative roles
      DELETE
  • Client Identities
    • Create Identity
    • Remove Identity
    • Bulk Migrates Client Identities Organizational Structure
    • Login client
    • Login client
  • My Client Identities
    • Create Identity
    • Remove Client Identity
  • User Accesses
    • Groups - List Users
    • Groups - Add User
    • Groups - Remove User
    • Groups - List Business Users
    • Groups - Add Business User
    • Groups - Remove Business User
    • List User Roles
  • Business Accesses
    • Groups - List Business
    • Groups - Add Business
    • Groups - Remove Business
    • List Business Roles
  • Service Accesses
    • Groups - List Services
    • Groups - Add Service
    • Groups - Remove Service
    • List Service Roles
  • Product Accesses
    • Generate Opaque Token
    • Validate Opaque Token
  • Keys
    • Gets public key used to validate JWT
  • Corporate Groups
    • Creates a corporate group
    • Lists corporate groups
    • Gets corporate group by id
    • Updates a corporate group
    • Deletes a corporate group
  • Customer
    • Creates a Business Customer
    • Creates a User Customer
  • Identific
    • Create a new ApiKey for the Identific
    • List all ApiKey
    • Update an ApiKey
    • Delete an ApiKey
  • Groups
    • Creates a group
    • Lists groups
    • Gets group by id
    • Updates a group
    • Delete a group.
    • Creates a group role.
    • Deletes a group role.
    • Creates a group dependency.
    • Deletes a group dependency.
  • Generate Token
    • Generate a access token and a refresh token
      POST
  1. Generate Token

Generate a access token and a refresh token

Prod Env
https://api.serasaexperian.com.br
Prod Env
https://api.serasaexperian.com.br
POST
https://api.serasaexperian.com.br
/security/iam/v1/generate-token
Generate Token

Responsibilities#

This endpoint has the function of generate a access token and a refresh token (if user selected remember-me option). Note, if user selected remember-me option, the user access token has a 10 minutes expire time. If not, user access token has 30 minutes expire.

Requirements#

Use "Basic" authentication to authenticate the client, example: Basic base64(client_id:client_secret)
To access this endpoint, the client must have one of the following sets of roles:
ROLE_CLI-1STPARTY and ROLE_CLI-AUTH-BASIC
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://api.serasaexperian.com.br/security/iam/v1/generate-token' \
--header 'Content-Type: application/json' \
--data-raw '{
    "clientId": "5c6e91ed8321222db87124a3",
    "defaultClientId": "6021a87ee80a460ad3791511",
    "tokenRequestType": "USER",
    "deviceId": "604b856442b4441b91c99fe4",
    "userId": "5ef904d4b91ac90414895f3c",
    "logon": "A123321B",
    "param": "D1VEYFB9DQVN8EVE6ESRUXW1DPPG18DNYNRMNPGV0LYIS4Q9DLVNB29D6SG1A",
    "rememberMe": false,
    "loginGrantedAuthorities": "AUTH-IDENTIFIED"
}'
Response Response Example
200 - Example 1
[
    {
        "code": "01",
        "message": "message reference code error"
    }
]

Request

Body Params application/json
clientId
string 
required
Unique identifier to client
Example:
5c6e91ed8321222db87124a3
defaultClientId
string 
optional
Unique identifier to default client
Example:
6021a87ee80a460ad3791511
tokenRequestType
enum<string> 
required
Token type
Allowed values:
USERCLIENTREMEMBER_MEPRODUCT
deviceId
string 
optional
Unique identifier to deviceId
Example:
604b856442b4441b91c99fe4
userId
string 
optional
Unique identifier to user
Example:
5ef904d4b91ac90414895f3c
logon
string 
optional
Unique identifier to logon
Example:
A123321B
param
string 
optional
Generated param
Example:
D1VEYFB9DQVN8EVE6ESRUXW1DPPG18DNYNRMNPGV0LYIS4Q9DLVNB29D6SG1A
rememberMe
boolean 
optional
Generate a refresh token
Default:
false
Example:
true
loginGrantedAuthorities
enum<string> 
required
Token type
Allowed values:
AUTH-IDENTIFIEDAUTH_BASICAUTH_MFAAUTH_SMARTAUTH_STRONG
Examples

Responses

🟢200OK
application/json
Unexpected Error.
This endpoint can throw the following errors:
[{"code": "79", "message": "The TokenRequestType is not implemented."}]
Body
array of:
code
string 
required
Code error.
Example:
01
message
string 
required
Return message reference code error.
Example:
message reference code error
🟢201Created
🟠400Bad Request
🟠401Unauthorized
🟠403Forbidden
🟠404Record Not Found
🔴500Server Error
Modified at 2025-04-11 12:00:41
Previous
Deletes a group dependency.
Built with