KSeF Authentication
POST /auth/{environment}​
Logs in (establishes a connection) to KSeF using a certificate associated with the user account. Initiates an interactive session and returns access tokens.
Path Parameters​
| Parameter | Type | Required | Description |
|---|---|---|---|
environment | string | ✅ | test, demo, or prod |
Response 200​
{
"accessToken": {
"token": "eyJ...",
"validUntil": "2026-04-18 23:00:00"
},
"refreshToken": {
"token": "eyJ...",
"validUntil": "2026-04-18 23:00:00"
},
"environment": "test",
"nip": "9570429696",
"subjectName": "C=PL, O=Company XYZ, CN=user@example.com",
"shortName": "user@example.com",
"authenticatedAt": "2026-04-11 23:00:00"
}
| Field | Type | Description |
|---|---|---|
accessToken | object | KSeF access token with an expiration date |
refreshToken | object | KSeF refresh token (may be null) |
environment | string | The KSeF environment used |
nip | string | Company Tax ID (NIP) |
subjectName | string | Full subject name from the certificate |
shortName | string | Shortened subject name |
authenticatedAt | string | Authentication date |
Error Codes​
| Code | Description |
|---|---|
| 401 | Missing or incorrect credentials (Basic Auth) |
| 403 | Missing required role (admin or technical) |
| 404 | No active certificate for the given environment |
| 500 | Server or KSeF error |