# User Authentication
### POST /create-session
The Simplio3D OpenAPI provides several endpoints for user authentication. These endpoints allow users to securely sign up, log in, and manage their authentication status.
#### Generate Login Token for a User
The 'Generate Login Token for a User' endpoint is a crucial part of the authentication process, as it enables the creation of a secure token that verifies a user's identity. Once a user successfully logs in with valid credentials, such as a username and password, this endpoint is responsible for generating a unique token. This token is essentially a cryptographic string that represents the user's session and is used to authenticate subsequent API requests.
When a request is made to this endpoint, the system validates the provided credentials and, upon successful verification, issues a token. This token should then be stored securely on the client side, typically in a secure location like local storage or a secure cookie, to prevent unauthorized access or exposure. For all future interactions with protected resources within the application, the client must include this token in the authorization header of their API requests.
#### Endpoints
## POST /api/open-api/v1/auth/create-session
> Generate login token for a user
```json
{"openapi":"3.0.0","info":{"title":"Simplio3D-Open REST API","version":"1.0.0"},"tags":[{"name":"Authentication","description":"API Endpoints for User Authentication"}],"servers":[{"url":"https://app.simplio3d.com","description":"API Open Base URL"},{"url":""}],"security":[{"apiKeyAuth":[]}],"components":{"securitySchemes":{"apiKeyAuth":{"type":"apiKey","description":"Enter your Authorization key here.","name":"Authorization","in":"header"}}},"paths":{"/api/open-api/v1/auth/create-session":{"post":{"tags":["Authentication"],"summary":"Generate login token for a user","operationId":"40e023f5f250da13f94e48c808d5560c","requestBody":{"required":true,"content":{"multipart/form-data":{"schema":{"required":["id","domain_name"],"properties":{"id":{"description":"Configurator ID to generate the token. You can find this Configurator Encrypted ID in share module","type":"string"},"domain_name":{"description":"Domain name","type":"string"}},"type":"object"}}}},"responses":{"200":{"description":"Token generated successfully","content":{"application/json":{"schema":{"properties":{"message":{"type":"string"},"token":{"type":"string"}},"type":"object"}}}},"400":{"description":"Validation error"},"403":{"description":"Unauthorized token"},"500":{"description":"Server error"}}}}}}
```
This method largely eliminates the need for users to repeatedly enter their credentials for every request, thereby improving both usability and security. It ensures that only authenticated users can access sensitive data and perform actions that require a verified identity. Furthermore, implementing token expiration policies and revocation capabilities enhances the system's security, as tokens can be invalidated after a certain period or upon user logout, safeguarding against improper use.
{% hint style="warning" %}
**Ensure you have the necessary authorization credentials (e.g., Bearer Token) to access this endpoint which is taken from the 'Share' tab encryption token found at the bottom of the page.**
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.simplio3d.com/api-reference/open-api/user-authentication.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.