# Requests Authentication

Each request you send to GeroSense API must be signed with an authentication token. To receive a new token, use `/login/access-token` endpoint.

<mark style="color:green;">`POST`</mark> `https://api-b2b.gerosense.ai/api/v1.0/login/access-token`

#### Headers

| Name                                           | Type   | Description                       |
| ---------------------------------------------- | ------ | --------------------------------- |
| Content-Type<mark style="color:red;">\*</mark> | String | application/x-www-form-urlencoded |

#### Request Body

| Name                                       | Type   | Description                            |
| ------------------------------------------ | ------ | -------------------------------------- |
| username<mark style="color:red;">\*</mark> |        | The username that we provided you with |
| password<mark style="color:red;">\*</mark> | String | The password that we provided you with |

{% tabs %}
{% tab title="200: OK The token was successfully created " %}

{% endtab %}

{% tab title="403: Forbidden The token is expired. Request a new token" %}

{% endtab %}
{% endtabs %}

{% code title="REQUEST (EXAMPLE)" %}

```bash
curl -X 'POST' 'https://api-b2b.gerosense.ai/api/v1.0/login/access-token' \
     -H 'Content-Type: application/x-www-form-urlencoded' \
     -d 'username=<username>&password=<password>'
```

{% endcode %}

{% code title="200 – RESPONSE (EXAMPLE)" %}

```json
{
  "access_token": "<token>",
  "token_type": "Bearer"
}
```

{% endcode %}

Once you have the token, add it in the `Authorization` header of all subsequent requests as shown below:

```bash
curl -X 'POST' 'https://api-b2b.gerosense.ai/api/v1.0/login/test-token' \
     -H 'accept: application/json' \
     -H 'Authorization: Bearer <token>'
```