Why am I receiving 401 responses

The 401 response is because the VAT number on the issuer object doesn’t match with the APIKey that you used for sending the json and you cannot be authenticated.

Which authentication methods are supported

There are 2 authentication methods. The first one is via APIKey validation and the second one is with Bearer Token.

How can I be authenticated using the APIKey

In order to send or receive documents to / from the API, you will need to include an authentication token to the request. Authentication tokens are sent via the requests header (APIKey:{VALUE}). Authentication tokens are produced by ECOS Department. Any request made to the API that fails Authentication will result in a 401 Status Code response.

How can I be authenticated using Bearer Token

Our service is supporting JWT Bearer Authentication method. In order for you to receive your Access and Refresh tokens, you need to implement the following POST method.
Endpoint: https://einvoice-demo.s1ecos.gr/Authentication/login


Login method does not need to be authorized.
Sample Response – Http Status 200 (Success)


The accessToken received in the response is valid for 15 minutes. In order to refresh it you need to implement the following method.
Refresh POST request
Endpoint: https://einvoice-demo.s1ecos.gr/Authentication/refresh
Request Payload
“[token value from the refreshToken object]”


The response will be similar to the one received when issuing the access token. This request needs to be authenticated.
All requests to the API need to be authenticated by implementing JWT Bearer token authentication
For example, to issue an invoice using the endpoint: https://einvoice-demo.s1ecos.gr/invoice/json, the corresponding header would look like this: