> ## Documentation Index
> Fetch the complete documentation index at: https://docs.clickpesa.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate Authorization Token

> Generates JWT Authorization token required for accessing ClickPesa APIs

<Note> JTW token is valid for **1 hour** from the time of issuance. After it expires, you must generate a new token. </Note>


## OpenAPI

````yaml POST /generate-token
openapi: 3.0.1
info:
  title: CORE API OpenAPI Specification
  description: This is the API documentation for the ClickPesa CORE API
  license:
    name: MIT
  version: 1.0.0
servers:
  - url: https://api.clickpesa.com/third-parties
security:
  - bearerAuth: []
paths:
  /generate-token:
    post:
      tags:
        - Authorization
        - Security
      description: Generates JWT Authorization token required for accessing ClickPesa APIs
      parameters:
        - in: header
          name: client-id
          required: true
          schema:
            type: string
          description: Your Application Client ID.
        - in: header
          name: api-key
          required: true
          schema:
            type: string
          description: Your Application API Key.
      responses:
        '200':
          description: Generate token response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenerateTokenResponse'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenerateTokenMissingCredentialsError'
        '403':
          description: Invalid Client Details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GenerateTokenInvalidClientDetailsError'
      security: []
components:
  schemas:
    GenerateTokenResponse:
      type: object
      properties:
        success:
          type: boolean
          example: true
        token:
          type: string
          example: Bearer token
      required:
        - success
        - token
    GenerateTokenMissingCredentialsError:
      type: object
      properties:
        message:
          type: string
          example: Unauthorized
      required:
        - message
    GenerateTokenInvalidClientDetailsError:
      type: object
      properties:
        message:
          type: string
          enum:
            - Invalid client details
            - Invalid or Expired API-Key
            - Unauthorized API-Key
          example: Invalid or Expired API-Key
      required:
        - message
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        Authorization header containing the JWT access token returned from the
        generate token endpoint. The token already includes the Bearer prefix.
        Example: `Authorization: Bearer eyJhbGciOi...`
      bearerFormat: JWT

````