Conversational AI

Renew expired security token: B2C scenario

This page describes how to renew the authentication token in a B2C scenario.

By default the security tokens will expire in 14 days, so a renewal policy should be defined to ensure the token is valid before calling the API. The application should check if the token is expired or will expire soon, and if so, a new login attempt should be made, in order to get a new token.

Login attempt example:

curl -X POST "" \
-H  "accept: application/json" \
-H  "Accept-Language: es-ES" \
-H  "Time-Zone: Europe/Madrid" \
-H  "content-type: application/json" \
-d "{  
    \"email\": \"\",
    \"password\": \"chooseYourStrongPassword\",
    \"deviceId\": \"demo-device\",
    \"lat\": 43.3017218,
    \"lon\": -2.9735617

If the login is successful, HTTP response code 200 will be returned and, in the body, there will be a new token that will expire in 14 days.

    "token": "XXXX-SHERPA-TOKEN-XXXX",
    "type": "basic",
    "expires": :1858915823282