# POST /customers/{customer_id}/auth-token

**Generate an authentication token for a customer**

Generates an authentication token for a customer. You can pass a generated authentication token to Paddle.js when opening a checkout to let customers work with saved payment methods.

Authentication tokens are temporary and shouldn't be cached. They're valid until the `expires_at` date returned in the response.

**Required permissions:** `customer_auth_token.write`

## Path parameters

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| `customer_id` | string | required | Paddle ID of the customer entity to work with. (pattern: `^ctm_[a-z\d]{26}$`) |

## Response (200)

- `data`: object (required) — Represents a customer authentication token.
  - `customer_auth_token`: string (required) — Authentication token generated by Paddle for this customer. Pass to Paddle.js when opening a checkout to let customers work with saved payment methods.
  - `expires_at`: string (date-time) (required) — RFC 3339 datetime string of when this customer authentication token expires. The token is no longer valid after this date.
- `meta`: object (required) — Information about this response.
  - `request_id`: string (required) — Unique ID for the request relating to this response. Provide this when contacting Paddle support about a specific request.

### Response example

```json
{
  "data": {
    "customer_auth_token": "pca_01hwyzq8hmdwed5p4jc4hnv6bh_01hwwggymjn0yhhb2gr4p91276_6xaav4lydudt6bgmuefeaf2xnu3umegx",
    "expires_at": "2024-05-03T10:34:12.34Z"
  },
  "meta": {
    "request_id": "fa176777-4bca-49ec-aa1e-f53885333cb7"
  }
}
```