Returns the authentication token required for all other functions during a particular session.


Please Note

On February 1st, 2024 Optimove will no longer support login using username and password. From this date on, Optimove API will only support authentication using API keys, as explained here


  • Refer to this repository for diagramming use cases of how the Login function should be used.
  • Our token policy is following JWT access token standard. Please make sure you comply with the token policy as exampled it the “Sample Response” attached here.
  • The response returned by this request will be the session authentication token (a string). If the supplied credentials are invalid, HTTP error code 401 (Unauthorized) is returned.
  • The returned token must be included within the HTTP request header "Authorization-Token" of subsequent function calls (see Session Authentication Token).
  • The received authentication token remains valid for 20 minutes from the last time any API function was called using it. The Login function should only be called if 20 minutes has elapsed since the last call to the API; otherwise, the authentication token received previously remains valid. As a best practice, the Login function should only be called in the event that any other function call returns an HTTP error 403, "Authorization-Token expired".
  • An HTTP error code of 429 (Too many requests) is returned if the Login function is called too many times unnecessarily.
  • Your Username and Password are provided to you by your Optimove representative.

Sample response:

Sample request:

Click Try It! to start a request and see the response here!