> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fynn.eu/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate customer authentication

> Generates authentication tokens and a pre-authenticated link to the customer portal. Use this to allow customers to access their portal without entering credentials, or to make API calls on behalf of the customer.

Generates authentication tokens and a pre-authenticated link to the customer portal.

## Use Cases

* **Customer Portal Access**: Generate a link that allows customers to access their portal without entering credentials
* **API on Behalf of Customer**: Use the access token to make API calls on behalf of the customer
* **Email Integration**: Include the customer area link in emails to provide seamless access

## Response

The endpoint returns:

| Field              | Description                                                       |
| ------------------ | ----------------------------------------------------------------- |
| `accessToken`      | JWT access token for API authentication on behalf of the customer |
| `refreshToken`     | JWT refresh token to obtain new access tokens                     |
| `customerAreaLink` | Pre-authenticated short link to the customer portal               |

## Example Response

```json theme={null}
{
    "data": {
        "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
        "refreshToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
        "customerAreaLink": "https://example.customerfront.app/customer-area/login?token=abc123"
    }
}
```

<Warning>
  The `customerAreaLink` contains a short-lived token. Generate a new link if the customer needs to access the portal at a later time.
</Warning>

<Tip>
  Use the `accessToken` to make API calls on behalf of the customer, for example to retrieve their entitlements or subscriptions.
</Tip>


## OpenAPI

````yaml post /customers/{id}/authenticate
openapi: 3.1.0
info:
  title: Fynn API
  description: ''
  termsOfService: https://www.fynn.eu/tos
  contact:
    name: Fynn UG (haftungsbeschränkt)
    url: https://www.fynn.eu
    email: hi@fynn.eu
  license:
    name: Proprietary
    url: https://www.fynn.eu/license
  version: 0.0.0
servers:
  - url: https://coreapi.io
    description: Production
  - url: https://preview.coreapi.io
    description: Sandbox
security:
  - JWT: []
tags: []
paths:
  /customers/{id}/authenticate:
    parameters: []
    post:
      tags:
        - Customer
      summary: Generate customer authentication
      description: >-
        Generates authentication tokens and a pre-authenticated link to the
        customer portal. Use this to allow customers to access their portal
        without entering credentials, or to make API calls on behalf of the
        customer.
      operationId: authenticateCustomer
      parameters:
        - name: id
          in: path
          description: Customer identifier
          required: true
          schema:
            type: string
      responses:
        '200':
          description: >-
            Returns authentication tokens and a customer area link for the
            customer
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: object
                    properties:
                      accessToken:
                        type: string
                        description: >-
                          JWT access token for API authentication on behalf of
                          the customer
                      refreshToken:
                        type: string
                        description: JWT refresh token to obtain new access tokens
                      customerAreaLink:
                        type: string
                        description: >-
                          Pre-authenticated link to the customer portal. The
                          customer can use this link to access their portal
                          without logging in.
        '404':
          description: Customer not found
      security:
        - JWT:
            - customer:authenticate
      x-codeSamples:
        - lang: bash
          label: cURL
          source: |-
            curl -X POST \
             /customers/{id}/authenticate \
             --header "Authorization: Bearer <token>"
components:
  securitySchemes:
    JWT:
      type: http
      scheme: bearer

````