# Using an authorization token

Upon successful JWE response decryption (For details, see: [Example of Decryption](https://docs.merchant.alb.ua/en/authentication#the-process-of-decrypting-jwe-data)) to the `/api-gateway/authorize_virtual_device` authorization request, you receive a session token and its lifetime parameters:

<table data-header-hidden><thead><tr><th></th><th width="297.800048828125"></th><th></th></tr></thead><tbody><tr><td><strong>Parameter</strong></td><td><strong>Example Value</strong></td><td><strong>Description</strong></td></tr><tr><td><code>tokenExpirationDateTime</code></td><td><code>"2025-02-27 12:12:34.0430 +0000"</code></td><td>UTC+00:00</td></tr><tr><td><code>tokenExpiration</code></td><td><code>"2025-02-27 14:12:34.430+02:00"</code></td><td>UTC+02:00 (Kyiv Time)</td></tr></tbody></table>

The total authorization validity period is 24 hours from the moment the `/api-gateway/authorize_virtual_device` request was executed.

#### Recommended Usage

It is recommended to perform authorization every 8, 12, or 24 hours to reduce errors during authorization token usage.

> Important Note! You should not perform a new authorization request for every subsequent API request.

#### Possible Issues and Solutions

| **Problem**                                   | **Error Code / Message**                                                              | **Solution**                                                                                                                      |
| --------------------------------------------- | ------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- |
| Expired Authorization Token due to Inactivity | Error: `"b_auth_token_expired"`                                                       | Action Required: Contact the support team for resolution.                                                                         |
| Expired Current Token                         | Error: `"b_expired_token"`                                                            | Action Required: Execute a new authorization request to `/api-gateway/authorize_virtual_device`.                                  |
| Expired Current Session                       | Error: `"b_session_doesnt_exist"` (Text: "Сеансу не існує"- *Session does not exist*) | Action Required: Execute a new authorization request to `/api-gateway/authorize_virtual_device` and utilize the new session data. |

**Details on Inactivity Error**

If the serviceCode is inactive for more than 200 days, access to the API is automatically closed. After the issue is fixed by support, the authorization response will contain new parameters that must be updated before continuing to use API requests.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.merchant.alb.ua/en/using-an-authorization-token.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.