> ## Documentation Index
> Fetch the complete documentation index at: https://docs.serval.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create Token

> Create a token for use across the API.

To obtain your Client ID and Client Secret, visit the [API Settings page](https://app.serval.com/admin/settings) in your Serval dashboard.

## Authentication

This endpoint uses HTTP Basic Authentication where:
- **Username**: Your Client ID
- **Password**: Your Client Secret

The Authorization header should contain `Basic <base64-encoded-credentials>`, where the credentials are `client_id:client_secret` encoded in base64.

## Example Request

```bash
curl -X POST https://public.api.serval.com/v2/auth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -u "your-client-id:your-client-secret" \
  -d "grant_type=client_credentials"
```

Or with explicit Basic auth header:

```bash
# First, base64 encode your credentials: client_id:client_secret
# For example, if client_id=abc123 and client_secret=secret456
# echo -n "abc123:secret456" | base64
# Result: YWJjMTIzOnNlY3JldDQ1Ng==

curl -X POST https://public.api.serval.com/v2/auth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Authorization: Basic YWJjMTIzOnNlY3JldDQ1Ng==" \
  -d "grant_type=client_credentials"
```

## Using the Access Token

Once you receive the access token, use it in subsequent API requests:

```bash
curl -X GET https://public.api.serval.com/v2/workflows \
  -H "Authorization: Bearer your-access-token"
```




## OpenAPI

````yaml /sections/api-reference/auth-openapi-spec.yaml post /v2/auth/token
openapi: 3.1.0
info:
  title: API Spec
  version: 1.0.0
  description: OpenAPI documentation for the API Spec
servers:
  - url: https://public.api.serval.com
    description: US region (default)
  - url: https://public.eu1.serval.com
    description: EU region
security:
  - bearerAuth: []
paths:
  /v2/auth/token:
    post:
      tags:
        - Auth API
      summary: Create Token
      description: >
        Create a token for use across the API.


        To obtain your Client ID and Client Secret, visit the [API Settings
        page](https://app.serval.com/admin/settings) in your Serval dashboard.


        ## Authentication


        This endpoint uses HTTP Basic Authentication where:

        - **Username**: Your Client ID

        - **Password**: Your Client Secret


        The Authorization header should contain `Basic
        <base64-encoded-credentials>`, where the credentials are
        `client_id:client_secret` encoded in base64.


        ## Example Request


        ```bash

        curl -X POST https://public.api.serval.com/v2/auth/token \
          -H "Content-Type: application/x-www-form-urlencoded" \
          -u "your-client-id:your-client-secret" \
          -d "grant_type=client_credentials"
        ```


        Or with explicit Basic auth header:


        ```bash

        # First, base64 encode your credentials: client_id:client_secret

        # For example, if client_id=abc123 and client_secret=secret456

        # echo -n "abc123:secret456" | base64

        # Result: YWJjMTIzOnNlY3JldDQ1Ng==


        curl -X POST https://public.api.serval.com/v2/auth/token \
          -H "Content-Type: application/x-www-form-urlencoded" \
          -H "Authorization: Basic YWJjMTIzOnNlY3JldDQ1Ng==" \
          -d "grant_type=client_credentials"
        ```


        ## Using the Access Token


        Once you receive the access token, use it in subsequent API requests:


        ```bash

        curl -X GET https://public.api.serval.com/v2/workflows \
          -H "Authorization: Bearer your-access-token"
        ```
      operationId: svauth.public.PublicAPIService.CreateToken
      requestBody:
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              properties:
                grant_type:
                  type: string
                  title: grant_type
                  enum:
                    - client_credentials
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                type: object
                properties:
                  access_token:
                    type: string
                    title: access_token
                    description: The access token.
                  token_type:
                    type: string
                    title: token_type
                    description: The type of token.
                  expires_in:
                    type: integer
                    title: expires_in
                    description: The number of seconds until the token expires.
        default:
          description: Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/connect.error'
      security:
        - basicAuth: []
components:
  schemas:
    connect.error:
      type: object
      properties:
        code:
          type: string
          examples:
            - not_found
          enum:
            - canceled
            - unknown
            - invalid_argument
            - deadline_exceeded
            - not_found
            - already_exists
            - permission_denied
            - resource_exhausted
            - failed_precondition
            - aborted
            - out_of_range
            - unimplemented
            - internal
            - unavailable
            - data_loss
            - unauthenticated
          description: >-
            The status code, which should be an enum value of
            [google.rpc.Code][google.rpc.Code].
        message:
          type: string
          description: >-
            A developer-facing error message, which should be in English. Any
            user-facing error message should be localized and sent in the
            [google.rpc.Status.details][google.rpc.Status.details] field, or
            localized by the client.
        detail:
          $ref: '#/components/schemas/google.protobuf.Any'
      title: Connect Error
      additionalProperties: true
      description: >-
        Error type returned by Connect:
        https://connectrpc.com/docs/go/errors/#http-representation
    google.protobuf.Any:
      type: object
      properties:
        type:
          type: string
        value:
          type: string
          format: binary
        debug:
          type: object
          additionalProperties: true
      additionalProperties: true
      description: >-
        Contains an arbitrary serialized message along with a @type that
        describes the type of the serialized message.
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
    basicAuth:
      type: http
      scheme: basic

````