> ## Documentation Index
> Fetch the complete documentation index at: https://docs.layerfi.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create business auth token

> Creates a new auth token scoped to the specified business. The business auth token is used to authenticate Layer API requests from client-side applications. Note the return type is an AuthToken object rather than a standard Layer API response object.



## OpenAPI

````yaml post /v1/businesses/{businessId}/auth-token
openapi: 3.0.1
info:
  title: API
  version: latest
servers: []
security:
  - BearerAuth: []
tags: []
externalDocs:
  url: /
paths:
  /v1/businesses/{businessId}/auth-token:
    post:
      tags: []
      summary: Create business auth token
      description: >-
        Creates a new auth token scoped to the specified business. The business
        auth token is used to authenticate Layer API requests from client-side
        applications. Note the return type is an AuthToken object rather than a
        standard Layer API response object.
      operationId: business.auth-token.post
      parameters:
        - name: businessId
          in: path
          description: The UUID of the business to create a business-scoped auth token for.
          required: true
          schema:
            type: string
        - name: Content-Type
          in: header
          description: Content-Type must be set to application/json.
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NewBusinessAuthTokenParams'
      responses:
        '200':
          description: ''
          headers: {}
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthToken'
        '400':
          description: Invalid auth token creation parameters.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '404':
          description: >-
            Business id is not found. This indicates the business id is invalid
            or the business has been archived.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
      deprecated: false
components:
  schemas:
    NewBusinessAuthTokenParams:
      type: object
      properties:
        session_duration:
          type: integer
          format: int64
          description: >-
            Length, in seconds, this token will be valid. Default is (3600) 1
            hour.
          example: '3600'
    AuthToken:
      type: object
      properties:
        access_token:
          type: string
          description: The business-scoped access token for the Layer API.
          example: >-
            eyJraWQiOiJaM1BNWbkhFakeAccessTokenKMGExb0ppUm5sRStlbytI6ImFjY2VzcyIsInNjb3BlIjoiaHR0cHM6XC9cLN5-TG3ktXvNe5B9hU9rQgZQ
        expires_in:
          type: integer
          format: int64
          description: Number of seconds until the access token expires.
          example: '12345'
        token_type:
          type: string
          description: Type of the access token, currently always Bearer.
          example: Bearer
    ApiError:
      type: object
      description: An error object returned in API error responses.
      properties:
        type:
          $ref: '#/components/schemas/ApiErrorType'
          description: >-
            A fixed category for the error, helpful for categorizing and
            processing errors.
        description:
          type: string
          description: A human-readable error description.
        error_enum:
          $ref: '#/components/schemas/ApiEnumErrorType'
          description: >-
            A stable, machine-readable identifier for programmatically handling
            specific error conditions. Only present for 4xx client errors—not
            included for 5xx server errors. Use this instead of parsing the
            description field, as enum values remain stable across API versions.
          nullable: true
        meta:
          type: object
          description: Optional additional information about the error.
          nullable: true
      required:
        - type
        - description
    ApiErrorType:
      type: string
      enum:
        - ResourceArchived
        - AuthFailure
        - Plaid
        - Stripe
        - InvalidState
        - ResourceNotFound
        - InvalidParameters
        - JsonSerialization
        - Unknown
        - BadRequest
        - PaginationCursor
        - Conflict
        - LedgerOperationFailed
    ApiEnumErrorType:
      type: string
      description: >-
        Stable enum values for programmatic error handling. Only present in 4xx
        error responses.
      enum:
        - AccessCodeInvalid
        - BalanceSheetDoesNotBalance
        - BalanceSheetMissingAccount
        - BankStatementParserError
        - BillStateError
        - BulkCategorizeFailure
        - BulkMatchFailure
        - BusinessTaskAlreadyCompleted
        - BusinessTaskDeleted
        - CalendlyOAuthError
        - CallBookingError
        - CantUpdateTransactionInCustomerPayout
        - CantUpdateTransactionInVendorPayout
        - CheckPayrollConfigNotFound
        - CheckPayrollServiceNotFound
        - ClerkUserAlreadyExists
        - ConflictingQueryParams
        - CustomAccountAlreadyExists
        - CustomTransactionCsvParsingError
        - CustomTransactionUploadFailure
        - CustomerPayoutInputFormatError
        - DoesNotMatchExistingEntity
        - EmptyBatchRequest
        - ExpenseParserError
        - ExternalAccountBalanceReconciliationError
        - ExternalIdConflict
        - InvalidCategory
        - InvalidEffectiveDate
        - InvalidLedgerOperation
        - InvalidMonthlyAverageRange
        - InvalidMultiPartRequest
        - InvalidPaginationCursor
        - InvalidPayload
        - InvoiceDeleted
        - InvoiceNotFound
        - InvoiceReferenceMismatch
        - InvoiceStateError
        - ManualRateLimit
        - MultipleTagKeyFiltersUnsupported
        - NoCognitoUserFound
        - NoOpeningBalanceFound
        - NotYetReconciled
        - OnePasswordApiError
        - OnePasswordItemNotFound
        - OnePasswordVaultNotFound
        - OpenAICategorizationError
        - PaymentLinkInvalid
        - PayrollStateError
        - PeriodIsClosed
        - PeriodNotClosed
        - PhoneNumberAlreadyRegistered
        - PlaidApiError
        - PlaidConnectionBroken
        - PlaidCreateLinkTokenError
        - PlaidCredentialsNotConfigured
        - PlaidExchangePublicTokenError
        - PlaidGetInstitutionByIdError
        - PlaidGetItemError
        - PlaidInvalidEnvironment
        - PlaidItemAlreadyExists
        - PlaidItemNotFound
        - PlaidProcessorApiError
        - PlaidUnlinkItemError
        - QueryParamFormat
        - QueryParamMissing
        - QuickbooksBrokenConnection
        - QuickbooksConnectionAlreadyExists
        - QuickbooksConnectionAlreadySyncing
        - QuickbooksConnectionMissing
        - QuickbooksConnectionNotActivated
        - QuickbooksInvalidRequest
        - QuickbooksInvalidState
        - QuickbooksNoMatchingAccount
        - QuickbooksNonPostingAccountType
        - QuickbooksNotConfigured
        - QuickbooksOAuthCallbackInvalid
        - QuickbooksOAuthError
        - QuickbooksTokenExpired
        - ResourceArchived
        - ScheduleCNotConfigured
        - SmsNotEnabled
        - SpecifiedBadRequest
        - SpecifiedIdNotFound
        - SplitTransactionError
        - StepEvaluationBadRequest
        - StripeConnectAccountIdNotFound
        - StripeCredentialsNotConfigured
        - StripeGetBalanceForConnectAccountFailure
        - StripeRedirectOrRefreshUrlNotConfigured
        - TagFilterNotFound
        - UnexpectedQueryParam
        - UnitAccountsInUse
        - WrongAnswerType
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT

````