# Auth

## Create authentication token

 - [POST /auth/token](https://docs.pers.ninja/swagger/auth/authcontroller_createtoken.md): Universal token creation supporting multiple authentication flows:
        
        USER TOKEN CREATION (External Providers):
        - Header: X-API-Key (tenant identification)
        - Body: { authToken: "jwt_from_provider" }
        - Supported providers: DFNS, Firebase, Auth0, Okta
        
        ADMIN TOKEN CREATION:
        - Header: Authorization: Bearer admin_jwt
        - Body: {} (admin context from JWT)
        - Returns tenant-scoped admin tokens
        
        FUTURE EXTENSIBILITY:
        - Provider-specific token exchange flows
        - Multi-provider token creation patterns
        - Automatic provider detection and validation

## Refresh authentication tokens

 - [POST /auth/refresh](https://docs.pers.ninja/swagger/auth/authcontroller_refresh.md): Refresh access tokens using valid refresh token