Authentication

User credentials

User credentials authentication is only needed temporarily for the two cross-Workspace operations listed below. These APIs are being updated to support application tokens. For all other API integrations, use application tokens.

User credentials authentication is currently required for:

MFA is required for all accounts except trial plans and can’t be disabled. If your account has MFA enabled, you must handle the multi-step MFA flow, which adds complexity to automated integrations.

Authenticate with user credentials

To authenticate, send a POST request to /api/v1/authenticate with your username (your email address) and a SHA-1 hashed password. The response includes an auth_token and refresh_token.

POST
/api/v1/authenticate
1import requests
2
3url = "https://cdn.emnify.net/api/v1/authenticate"
4
5payload = {
6    "username": "user@service.org",
7    "password": "8Y8knYSkeyYV23kd"
8}
9headers = {"Content-Type": "application/json"}
10
11response = requests.post(url, json=payload, headers=headers)
12
13print(response.json())
Try it
Response
1{
2  "auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
3  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
4}

Hash your password with SHA-1

The API requires your password to be SHA-1 hashed before sending. This is a legacy requirement for compatibility with existing integrations.

To generate a SHA-1 hash in your terminal:

$echo -n 'your_password' | openssl sha1

The -n flag prevents a trailing newline, which would change the hash. Don’t include quotes around your password in the actual command if your password contains special characters.

Refresh your auth token

After successful authentication, the server returns both an auth_token and a refresh_token. Use the refresh token to obtain a new auth_token without re-entering your credentials.

POST
/api/v1/authenticate
1import requests
2
3url = "https://cdn.emnify.net/api/v1/authenticate"
4
5payload = { "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." }
6headers = {"Content-Type": "application/json"}
7
8response = requests.post(url, json=payload, headers=headers)
9
10print(response.json())
Try it
Response
1{
2  "auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
3}

Token expiration

TokenValid forNotes
auth_token240 minutes (4 hours)Use for API requests
refresh_token350 minutes (~6 hours)Single use only

The refresh_token can only be used once. After you use it, the server issues a new refresh token with the new auth token. The refresh token also becomes invalid if you log in from another client.

Handle expired tokens

When your auth_token expires:

  1. If your refresh_token is still valid, use it to get a new auth_token
  2. If both tokens have expired, authenticate again with your username and password

To avoid interruptions, refresh your token before it expires. Consider refreshing when the auth_token has less than 30 minutes remaining.