> ## Documentation Index
> Fetch the complete documentation index at: https://umbrella-docs.info/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication Service

> Authentication endpoint API documentation

For the authentication flow, required headers, and token usage details, please refer to the [Authentication](/authentication) page.

## Endpoint

**POST** `/auth`


## OpenAPI

````yaml POST /auth
openapi: 3.1.0
info:
  title: Umbrella API
  version: 1.0.0
  description: >-
    API documentation for Umbrella services including KYB, KYC, AML, payments,
    phone intelligence, onboarding, and address verification.
servers:
  - url: https://api-umbrella.io/api/services
    description: Production
  - url: https://sandbox-umbrella-api.azurewebsites.net/api/services
    description: Sandbox
security:
  - bearerAuth: []
paths:
  /auth:
    post:
      summary: Authenticate
      description: >-
        Obtain a Bearer token using your `Api-Key` and `Customer-Id` headers.
        The token is valid for 60 minutes and must be included as
        `Authorization: Bearer <access_token>` in all subsequent requests.
      parameters:
        - in: header
          name: Api-Key
          required: true
          schema:
            type: string
            format: uuid
          description: Your API key.
          example: 40ab0d69-fc3e-5fea-bfa8-b94e93462ad9
        - in: header
          name: Customer-Id
          required: true
          schema:
            type: string
            format: uuid
          description: Your customer ID.
          example: 16a6c3e7-7a76-4714-9b34-97135ab4bdcd
        - in: header
          name: Content-Type
          required: true
          schema:
            type: string
            enum:
              - application/x-www-form-urlencoded
      requestBody:
        required: false
        content: {}
      responses:
        '200':
          description: Authentication successful.
          content:
            application/json:
              schema:
                type: object
                properties:
                  access_token:
                    type: string
                    description: JWT Bearer token for use in subsequent requests.
                  expires_in:
                    type: integer
                    description: Token validity in seconds.
                    example: 3600
                  token_type:
                    type: string
                    example: Bearer
              example:
                access_token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
                expires_in: 3600
                token_type: Bearer
      security: []
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: Bearer token obtained from POST /auth. Valid for 60 minutes.

````