# Introduction This documentation explains how to authenticate your integration user using CONNECT Authenticate and how the provided token is utilized in service calls to Creditsafe Sweden REST APIs. ## Important Information Integration Support The Integration team is available to assist with any technical questions that may arise during development or post-launch. You can reach them at **[integration@creditsafe.se](mailto:integration@creditsafe.se)** API Evolution We reserve the right to add new information, tags, or attributes to the service at any time without prior notice. However, we will **not remove** any existing elements without notifying you in advance. Please note that we do not guarantee the JSON response will be delivered in the same order for all requests. ## Before Implementing a Creditsafe Webservice Before using any of the APIs available for Sweden business data, there are a few important things to understand and confirm: - Always ensure that you have read the development manual for the service you plan to use - It will provide essential guidance on how to build the integration - Contact integration support if you need clarification on any requirements ## SE Webservices that Require Authentication via CONNECT This documentation covers how to use CONNECT Authenticate specifically for making calls to local Swedish REST APIs. Below is the complete list of Creditsafe Swedish REST APIs that require a token from CONNECT Authenticate: - **GetDataUnits** - **DateCheck Consumer** - **DateCheck Company** - **GetSignatory v2** - **GetData** - **SPAR Consumer search v2** Other Services For authentication to other Creditsafe web services not listed above, please refer to the specific development manual for those services. If you plan to build integrations using other methods of the CONNECT service, you will need a specific Creditsafe CONNECT account. A Creditsafe sales manager or the Creditsafe integration support team can assist you with setting this up if needed. ## How Authentication Works An authentication token can be obtained by calling the Authenticate endpoint with your username and password in the request body. The `username` parameter is the **User Key** provided to you by Creditsafe. Important: Credentials are Case-Sensitive The email-based usernames used for logging into Creditsafe websites are **not** the same as the username required for our APIs. If you're unsure of your User Key, please contact Creditsafe integration support for assistance. ### Token Generation The Authenticate endpoint generates a **Bearer JWT** (authentication token), which is necessary to access the SE web services listed earlier in this document. - A successfully generated token is **valid for one hour** - Copy the value of the `token` field from the JSON response - Include it as a REST header in all service calls: `Authorization: Bearer {token}` - When your token expires, you can request a new one independently of the current token - Multiple valid tokens can exist simultaneously - Each token can be used with any of the supported services as long as it remains active ## Token Refresh Strategies When an expired token is used in a call, a **403 HTTP Status (Token Expired)** response will be returned. We recommend using one of the following strategies to refresh tokens: **Strategy 1: Reactive Refresh** - Catch the 403 Token Expired response and refresh the token when needed - Once refreshed, repeat the latest call that was denied **Strategy 2: Proactive Refresh** - Track the timing of when the token was fetched - Request a new token before the previous one expires - This should be done approximately **55 minutes** after the previous token was generated - Generating new tokens too frequently can degrade overall performance ## Next Steps 1. Review the [Sandbox Environment](/country-apis-catalog/product-catalog/se/authenticate/documentation/sandbox) section to set up your development environment 2. Check [Requests and Responses](/country-apis-catalog/product-catalog/se/authenticate/documentation/requests-responses) for detailed API usage and examples 3. Refer to [Error Codes](/country-apis-catalog/product-catalog/se/authenticate/documentation/errorcodes) for troubleshooting common issues 4. Review [Token Metadata](/country-apis-catalog/product-catalog/se/authenticate/documentation/metadata) to understand the JWT token structure