Authentication

Authenticate

This API endpoint allows users to authenticate and receive an ID token, access token, and refresh token.

POST /v1/auth

Headers

Name Value

Name	Value
Content-Type	`application/json`

Content-Type

application/json

Body

Name Type Description Required

Name	Type	Description	Required
`username`	string	The user's username or email address	Yes
`password`	string	The user's password	Yes

username

string

The user's username or email address

Yes

password

string

The user's password

Yes

Response

{
    "statusCode": 200,
    "statusMessage": "OK",
    "tokens": {
        "idToken": "eyJraWQiOiJLT0R...",
        "accessToken": "eyJraWQiOiJLT0R...",
        "refreshToken": "eyJraWQiOiJLT0R..."
    }
}

{
    "statusCode": 400,
    "statusMessage": "Login failed",
    "error": "Incorrect username or password."
}

Security Considerations

Ensure that the connection to the API is made over HTTPS to protect sensitive information such as passwords and tokens.
Store tokens securely on the client side to prevent unauthorized access.

Refresh Token

The refresh token obtains a new access token when the current one expires.

POST /v1/auth/refreshtoken

Headers

Name Value

Name	Value
Content-Type	`application/json`

Content-Type

application/json

Body

Name Type Description

Name	Type	Description
`refreshtoken`	string	Refresh token which is return from authenticate endpoint

refreshtoken

string

Refresh token which is return from authenticate endpoint

Response

{
    "statusCode": 200,
    "statusMessage": "OK",
    "tokens": {
        "idToken": "eyJraWQiOiJLT0R...",
        "accessToken": "eyJraWQiOiJLT0R...",
        "refreshToken": "eyJraWQiOiJLT0R..."
    }
}

{
    "statusCode": 400,
    "statusMessage": "Failed to refresh token",
    "error": "Invalid Refresh Token"
}

{
    "statusCode": 400,
    "statusMessage": "Missing refresh token"
}

PreviousOverview NextStatus Codes

Last updated 15 days ago