Conversational AI

Renew expired security token: B2B scenario

This page describes how to renew the authentication token in a B2B scenario.

By default the security tokens will expire in 14 days, so a renewal policy should be defined to ensure the token is valid before calling the API. The application should check if the token is expired or will expire soon, and if so, a new anonymous login attempt should be made, in order to get a new token.

Anonymous login attempt example:

curl -X POST "" \
-H  "accept: application/json" \
-H  "Accept-Language: es-ES" \
-H  "Time-Zone: Europe/Madrid" \
-H  "X-Sherpa-timestamp: 1548084514112" \
-H  "X-Sherpa-hmac: xxxxyyyyyyy***signature******" \
-H  "content-type: application/json" \
-d "{
    \"externalId\": \"\"

Response example:

    "token": "XXXX-SHERPA-TOKEN-XXXX",
    "type": "basic",
    "expires": :1858915823282,
    "username": "demo"

A HTTP code 200 should be obtained, because the user already exists.