How to use an Application Token for API authentication?


Each time you want to use the emnify API, you need to authenticate. You can do so with your emnify credentials or with an Application Token which is more secure. Here are the steps:

  1. Create an Application Token on the EUI;
  2. Generate an Authentication Token based on the application token;
  3. Use the Authentication Token for all other API

1. Create an Application token on the emnify User interface 

  • Click on this symbol clip in the right corner of the EUI.
  • Select "Create New Application Token"
  • Save the application token in a secure place 

2. Generate an Authentication Token from Postman

You can use the Application Token to create an Authentication Token in Postman, which you will then use to run any other emnify API as explained here.

Once the application token is created, you can use it to generate an authentication token. Log in Postman, copy the application token as below and send the following API call. It will create an application token visible in the response body.

To automate authentication, you will have to create a variable with the authentication token from the response body. A new variable called: "Auth_Token" will be created. 

API Call



Content-Type: application/json


First of all click on "Raw,

insert the body below :  





var jsonData = JSON.parse(responseBody);

Response: status  200 OK




Note: Do not forget to save this request in order to refresh the authentication token for the following connections.

3. Use the Authentication Token for the following API requests

For demo purposes, we will integrate into the authentication token in the API call to GET the Endpoint Collection. The steps will be the following : 

  1. Send Authentication API with Application token to refresh authentication token (cf. above)
  2. Send the following API call to retrieve endpoint collection with the Auth token

API Call



Content-Type: application/json

Authorization: Bearer

Response: status  200 OK


    "id": 1,

    "name": "arduino01",

    "tags": "arduino, meter, temp",

    "created": "2014-08-01T08:47:00+00:00",

    "last_updated": "2016-02-29T14:02:47.000+0000",

    "status": {

      "id": 1,

      "description": "Disabled"


    "service_profile": {

      "id": 1,

      "name": "Smart Meter"


    "tariff_profile": {

      "id": 3,

      "name": "Domestic only"


    "sim": {

      "id": 788,

      "iccid": "7368267365454773621",

      "imsi": "90199123565690",

      "msisdn": "+885637486456"


    "imei": "8645454889321",

    "imei_lock": true,

    "ip_address": "",

    "ip_address_space": {

      "id": 2



From now on, you can use the emnify API library. Do not forget to integrate the authentication token for each of your API calls.

Related Posts

Image for post How to send and receive SMS via the API?

How to send and receive SMS via the API?

To submit SMS directly from your application to an endpoint using our API, the following API call needs to be made: POST{endpointId}/sms Required Headers: Content-Type: application/json Authorization: Bearer {auth_token} JSON Body: { "source_address": "12345", "payload": "This is the message text!" } To receive SMS on your application server from the device you will need to first set up a Callback URL in the Service profile assigned to that endpoint: Set the API URL on the "SMS" tab - select "RestAPI" on the drop-down menu for “Interface” Select the “configuration icon” next to “RestAPI”, input a purpose (name of your choosing) and the URL You can also set up a "Secret" (optional) The EMnify system will then send the MO SMS as a JSON payload if the destination address of the SMS is an invalid MSISDN (8 digits or less). A2P / P2P Routing Our system distinguishes A2P SMS (application-to-person) from P2P SMS (person-to-person) based on the length of the source (MO SMS) or the destination (MT SMS) address. If there are 8 digits or less (i.e. an invalid MSISDN), an SMS will be considered A2P. If there are 9 digits or more, an SMS will be processed as MSISDN and will be considered P2P. To dispatch SMS MO to your application (A2P) and at the same time have P2P SMS enabled, the destination number (dest_address) must be limited to 8 digits or less. A detailed description of the SMS API you can find in our API Documentation.