The authentication service is mainly used to obtain the token which will be used to stamp our CFDI (xml) already issued, In order to use this service, it is necessary that you have a username and a password to receive the token.
There are two different access tokens, temporary token and infinite token, the temporary token has a life time of two hours and the infinite does not expire unless it is revoked and it can be renewed.
Authenticate using API services
🛠 Test URL : https://services.test.sw.com.mx
🧰 Production URL : https://services.sw.com.mx
Endpoint
| Method | Route |
|---|---|
| POST | /security/authenticate |
Headers
| Header | Value |
|---|---|
| user | |
| password | $password |
Request Example
curl --request POST \ --url https://services.test.sw.com.mx/security/authenticate \ --header 'password: $password' \ --header 'user: $email
Response Example
{
"data": {
"token": "T2lYQ0t4L0RHVkR4dHZ5N....",
"expires_in": 1684523799,
"tokeny_type": "Bearer"
},
"status": "success"
}
Authenticate using infinite Token
The infinite token of JWT type, unlike a token obtained through the authentication service, does not have an expiration date and will remain valid until it is revoked and a new token is generated.
To perform any of these processes, you must access the ADT (Stamp Administrator) portal with your credentials.
Remember… The token is your access key to consume the service; maintain a security policy around the token.
🛠 Test URL : Portal Administrador de Timbres Pruebas (ADT)
🧰 Production URL : Portal Administrador de Timbres (ADT)
Obtain Infinite Token
To obtain it, follow these two simple steps:
In the left side panel of the ADT, select the “Configuración” option.
Select the “Credenciales de Acceso” option, where you can “Show” the infinite token or copy it by clicking the “Copiar” button.
That’s it! You can use this token to authenticate and consume our APIs and stamping services.
Revoke and Regenerate Infinite Token
The infinite token can also be revoked if required, whether due to system updates, security policies, or changes in your business logic, by following these simple steps:
In the left side panel of the ADT, select the “Configuración” option.
Select the “Credenciales de Acceso” option, where you can “Show” the infinite token or copy it by clicking the “Copiar” button.
That’s it! You can use this token to authenticate and consume our APIs and stamping services.
Upon clicking this option “Regenerar”, the following message appears, and you must confirm to proceed with the revocation and regeneration of the token.
Warning: This process is irreversible; do not proceed unless strictly necessary.
After completing the process, the following confirmation message will appear.
That’s it! The token will be revoked and a new one generated, which will revoke the previous one. Remember to replace the old token with the new one to continue consuming our APIs and stamping services.