# Authentication

These steps are intended for LSports customers (technical users with the **Admin and DEFEND Manager** role) to obtain and use non-expiring credentials to access DEFEND services.

1. The admin user should invite the technical users and assign each of them the **DEFEND Manager** role (with this role, they can generate the API Tokens for the DEFEND integration).
2. **To generate a non-expiring API token, here are the steps:**
   1. Log in to the ARENA360 platform.
   2. Click on your name icon in the top-right corner → **User Management**.
   3. Select **API Tokens** from the sidebar.
   4. Click **Generate Token**.
   5. Enter a **Description** (e.g., "DEFEND").
   6. Assign the DEFEND Admin role.
   7. Under **Expiration**, select **Never**.
   8. Click **Create** and **Copy** the **Client ID** and **Secret Key**.
      1. **THIS CRUCIAL CREDENTIAL WILL BE AVAILABLE ONLY ONCE!! COPY AND SAVE IT!**
3. **Exchange API Credentials for Access & Refresh Tokens**
   * **Endpoint**:

     `POST https://app-c5oqfz43eaji.frontegg.com/identity/resources/auth/v1/api-token`
   * **Headers**:

     `Content-Type: application/json`
   * **Body**:

     `{ "clientId": "<Client ID>", "secret": "<Secret Key>" }`
   * **Response**:

     `{ "expires": "<Thu, 22 May 2025 11:49:22 GMT>", "expiresIn": 1800, "accessToken": "<JWT access token>", "refreshToken": "<Refresh token>" }`
   * **Notes**:
     * The `accessToken` expires after 30 minutes (`expiresIn` = 1800 seconds).
     * `refreshToken` lives for 7 days.
4. **Refresh the Access Token**
   * **Endpoint**:

     `POST https://<lsports-frontegg-domain>.frontegg.com/identity/resources/auth/v2/api-token/token/refresh`
   * **Headers**:

     `Content-Type: application/json`
   * **Body**:

     `{ "refreshToken": "<Previous refreshToken>" }`
   * **Response**:

     `{ "expires": "<Thu, 22 May 2025 11:49:22 GMT>", "expiresIn": 1800, "accessToken": "<JWT access token>", "refreshToken": "<Refresh token>" }`
5. **Use the Access Token**\
   For every API call to DEFEND backend services, include the latest `accessToken` in the `Authorization` header:

   `Authorization: Bearer <accessToken>`

Remember, the `accessToken` expires every 30 minutes.
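The flow in steps 3 to 5, as an added Python example (not LSports or Frontegg code): a hypothetical `DefendTokenManager` caches the access token, refreshes it shortly before the 30-minute expiry, and falls back to the Client ID / Secret Key exchange when the refresh token can no longer be used. The class name, the 60-second `skew`, the injectable `post` and `clock` parameters, and the assumption that each refresh response starts a new 7-day refresh-token lifetime are not from this page.

```python
import json
import time
import urllib.request

EXCHANGE_PATH = "/identity/resources/auth/v1/api-token"                # step 3
REFRESH_PATH = "/identity/resources/auth/v2/api-token/token/refresh"   # step 4
REFRESH_LIFETIME = 7 * 24 * 3600  # refreshToken lives for 7 days

def http_post_json(url, body):
    """Default transport: POST a JSON body over HTTPS and decode the JSON reply."""
    req = urllib.request.Request(url, data=json.dumps(body).encode(),
                                 headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class DefendTokenManager:
    """Hypothetical helper: cache tokens, refresh early, re-exchange when needed."""

    def __init__(self, base_url, client_id, secret, post=http_post_json,
                 clock=time.time, skew=60):
        self._base = base_url.rstrip("/")
        self._creds = {"clientId": client_id, "secret": secret}  # never log these
        self._post, self._clock, self._skew = post, clock, skew
        self._access = self._refresh = None
        self._access_exp = self._refresh_exp = 0.0

    def _store(self, reply):
        now = self._clock()
        self._access, self._refresh = reply["accessToken"], reply["refreshToken"]
        self._access_exp = now + reply["expiresIn"]       # 1800 s in the sample reply
        self._refresh_exp = now + REFRESH_LIFETIME        # assumption: reset on each reply

    def access_token(self):
        now = self._clock()
        if self._access and now < self._access_exp - self._skew:
            return self._access                           # cached token still valid
        if self._refresh and now < self._refresh_exp - self._skew:
            try:
                self._store(self._post(self._base + REFRESH_PATH,
                                       {"refreshToken": self._refresh}))
                return self._access
            except (OSError, KeyError, ValueError):
                pass                                      # refresh failed: re-exchange
        self._store(self._post(self._base + EXCHANGE_PATH, self._creds))
        return self._access

    def auth_header(self):
        """Header for every DEFEND API call (step 5)."""
        return {"Authorization": "Bearer " + self.access_token()}
```

Load the Client ID and Secret Key from a secrets manager or environment variable rather than from source code, since the credential pair does not expire.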

{% embed url="<https://drive.google.com/file/d/1vMUTdaU4E5fmXUKTkdL1_EdA0zXOs7vQ/view?usp=sharing>" %}
