## Token Server Overview
The Token Server provides a critical layer of security for web applications that use services requiring a license key.
When you integrate a service directly into a public-facing website, there’s a significant risk of exposing your license key within the site’s code.
If a malicious actor finds this key, they could potentially use your licensed services without authorization, leading to security breaches or unexpected costs.
To solve this problem, the Token Server acts as a secure intermediary.
Instead of placing your main license key in the public code, your private server-side application makes a request to the Token Server.
In return, it receives a secure, temporary token with a limited lifespan.
This disposable token can then be safely passed to the public website for its use, ensuring that your license key is never exposed.
The Token Server can:
- Generate secure, temporary authentication tokens for client-side use.
- Conceal your license key to prevent it from being exposed in public-facing code.
- Enhance web application security by providing a safer method for authentication.
- Control the active lifespan of a token, from a minimum of 1 minute up to 99 hours.

**Documentation**
- [Token Server Documentation](https://docs.melissa.com/cloud-api/token-server/token-server-index.html)

**Useful Resources**
- [GitHub - Token Server Open API Specification](https://github.com/MelissaData/MelissaCloudAPI-OpenAPI-Specification/blob/main/openapi/apis/token-server.yaml)
- [Release notes](https://releasenotes.melissa.com/cloud-api/token-server/)
- [Result codes](https://docs.melissa.com/cloud-api/token-server/result-codes.html)

**Support Center**
[https://www.melissa.com/company/product-support](https://www.melissa.com/company/product-support)