# Authorization All global platform API require an authorization token to work. The authorization token, once obtained, contains all of the information required for subsequent calls to be completed. {% hint style="info" %} The \ value mentioned in all API calls refers to the route assigned to your bot. Make sure to retrieve the correct route of your bot that you can find under the [Settings > Developers](/basic-concepts/chatbot-details/chatbot-settings/developers-setting.md) section of your bot details. If you are generating an authorization token for a channel service (e.g. Custom Channel), the token must be requested from the service endpoint and not from the general API route one. {% endhint %} ### Account wide Token Request Using your account API Key, that can be found under your Profile section in your account details, you can require an Authorization token using the following request: ```bash curl --location --request POST '/authorization/integration' \ --header 'Content-Type: application/json' \ --data-raw '{ "AccountAPIKey":"" }' ``` An authorization token grants access to all of the API methods for about 60 minutes. When the authorization token expires, a new authorization token must be requested by repeating the very same request. ### Bot Level Token Request Some API endpoints, such as Xenioo Database API Interface will require a token related to a very specific chatbot. To create such token the authorization request must contain the bot API Token and Secret like in the example below: ```bash curl --location --request POST '/authorization/integration' \ --header 'Content-Type: application/json' \ --data-raw '{ "AccountAPIKey":"", "BotAPIKey":"", "BotAPISecret":"" }' ``` You can find both bot API Key and bot API Secrets under the Developers section of the settings top menu of your bot details. ### Response If the request is successful, Xenioo will reply with an authorization token that may look like this: ```javascript { "token": "dmO/lbiq5FN+oyrAF3BLhdo[...]", "expires": 60 } ``` The expire information indicates for how many minutes the token is valid. ### Response Codes This endpoint will reply with the following standard HTTP codes. | Code | Meaning | | ---- | -------------------------------------------------------------------------------------------------------------------------------------- | | 200 | Ok. The request has been successfully fulfilled. | | 400 | Bad Request. The call does not contain the data required to be fulfilled. | | 404 | Not Found. The specified account API key has not been found | | 403 | Unauthorized. The specified account API key is related to a free account or an account that cannot integrate with Global Platform API. | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.xenioo.com/xenioo-api/globa-platform-api/authorization.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.