> ## Documentation Index
> Fetch the complete documentation index at: https://docs.yofacturo.es/llms.txt
> Use this file to discover all available pages before exploring further.

# Create API session token

> Authenticates using api_key and returns a session token valid for 24 hours.



## OpenAPI

````yaml /openapi.json post /api/v1/auth/sessions
openapi: 3.1.0
info:
  title: YoFacturo API v1
  version: 1.0.0
  summary: API for authentication and invoice batch ingestion and status
  description: |
    API v1 operational endpoints.

    Authentication flow:
    1. Exchange organization api_key for a session token.
    2. Use Authorization: Bearer <session_token> for protected endpoints.
servers:
  - url: https://app.yofacturo.es
security: []
tags:
  - name: Auth
  - name: Invoice Batches
  - name: Batch Invoices
paths:
  /api/v1/auth/sessions:
    post:
      tags:
        - Auth
      summary: Create API session token
      description: >-
        Authenticates using api_key and returns a session token valid for 24
        hours.
      operationId: createApiSession
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateSessionRequest'
            examples:
              valid:
                value:
                  api_key: org_live_1234567890abcdef
      responses:
        '201':
          description: Session token created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CreateSessionResponse'
              examples:
                success:
                  value:
                    session_token: H2sY0Qw_example_8eA
                    expires_at: '2026-03-27T10:30:00Z'
        '400':
          description: Missing or invalid required parameter
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                badRequest:
                  value:
                    error:
                      code: bad_request
                      message: 'param is missing or the value is empty: api_key'
        '401':
          description: Invalid or revoked API key
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              examples:
                unauthorized:
                  value:
                    error:
                      code: unauthorized
                      message: Invalid API key
components:
  schemas:
    CreateSessionRequest:
      type: object
      additionalProperties: false
      required:
        - api_key
      properties:
        api_key:
          type: string
          minLength: 1
    CreateSessionResponse:
      type: object
      additionalProperties: false
      required:
        - session_token
        - expires_at
      properties:
        session_token:
          type: string
        expires_at:
          type: string
          format: date-time
    ErrorResponse:
      type: object
      additionalProperties: false
      required:
        - error
      properties:
        error:
          type: object
          additionalProperties: false
          required:
            - code
            - message
          properties:
            code:
              type: string
            message:
              type: string

````