🚧
Deprecation Notice
Basic Authentication will no longer be supported starting May 1st, 2026.
V1 Auth Token Endpoint will no longer be supported starting May 1st, 2026.
Please migrate to the V2 Auth Token Endpoint to ensure uninterrupted access.

This API allows you to create or retrieve an access token using your Compliancely account username and password. The access_token provided must be included in the Authorization header for all subsequent API requests, as shown below.

--header 'Authorization: Token {{access_token}}'

At present, the token does not expire. However, any API call may return the following response:

{  
    "detail": "Invalid token."  
}

{  
    "detail": "Authentication credentials were not provided."  
}

In such cases, we recommend handling token expiration by calling the auth-token API to generate a new token.

📘
Note: We do not recommend using of Basic Auth

Throttling

This API enforces throttling, allowing a maximum of 10 requests per minute (RPM). If you exceed this limit, the following error will be returned, and you will need to wait 10 minutes before retrying.

{  
    "detail": "Your request has been throttled due to exceeding the allowed rate limit. Please wait for 10 minutes before trying again. If this issue persists, consider adjusting the request frequency or contact support for further assistance."  
}

Request Definition:

curl --location -g --request POST '{{url}}/auth-token' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username":"$username",
    "password":"$password"
}'