Authentication

Authenticate

This API endpoint allows users to authenticate and receive an ID token, access token, and refresh token.

POST /v1/auth

Headers

Name

Value

Content-Type

application/json

Body

Name

Type

Description

Required

username

string

The user's username or email address

Yes

password

string

The user's password

Yes

Response

{
    "statusCode": 200,
    "statusMessage": "OK",
    "tokens": {
        "idToken": "eyJraWQiOiJLT0R...",
        "accessToken": "eyJraWQiOiJLT0R...",
        "refreshToken": "eyJraWQiOiJLT0R..."
    }
}

{
    "statusCode": 400,
    "statusMessage": "Login failed",
    "error": "Incorrect username or password."
}

Security Considerations

Ensure that the connection to the API is made over HTTPS to protect sensitive information such as passwords and tokens.
Store tokens securely on the client side to prevent unauthorized access.

Refresh Token

The refresh token obtains a new access token when the current one expires.

POST /v1/auth/refreshtoken

Headers

Name

Value

Content-Type

application/json

Body

Name

Type

Description

refreshtoken

string

Refresh token which is return from authenticate endpoint

Response

{
    "statusCode": 200,
    "statusMessage": "OK",
    "tokens": {
        "idToken": "eyJraWQiOiJLT0R...",
        "accessToken": "eyJraWQiOiJLT0R...",
        "refreshToken": "eyJraWQiOiJLT0R..."
    }
}

{
    "statusCode": 400,
    "statusMessage": "Failed to refresh token",
    "error": "Invalid Refresh Token"
}

{
    "statusCode": 400,
    "statusMessage": "Missing refresh token"
}

PreviousOverview NextStatus Codes

Last updated 6 months ago

Authentication

Authenticate

This API endpoint allows users to authenticate and receive an ID token, access token, and refresh token.

POST /v1/auth

Headers

Name

Value

Content-Type

application/json

Body

Name

Type

Description

Required

username

string

The user's username or email address

Yes

password

string

The user's password

Yes

Response

{
    "statusCode": 200,
    "statusMessage": "OK",
    "tokens": {
        "idToken": "eyJraWQiOiJLT0R...",
        "accessToken": "eyJraWQiOiJLT0R...",
        "refreshToken": "eyJraWQiOiJLT0R..."
    }
}

{
    "statusCode": 400,
    "statusMessage": "Login failed",
    "error": "Incorrect username or password."
}

Security Considerations

Ensure that the connection to the API is made over HTTPS to protect sensitive information such as passwords and tokens.
Store tokens securely on the client side to prevent unauthorized access.

Refresh Token

The refresh token obtains a new access token when the current one expires.

POST /v1/auth/refreshtoken

Headers

Name

Value

Content-Type

application/json

Body

Name

Type

Description

refreshtoken

string

Refresh token which is return from authenticate endpoint

Response

{
    "statusCode": 200,
    "statusMessage": "OK",
    "tokens": {
        "idToken": "eyJraWQiOiJLT0R...",
        "accessToken": "eyJraWQiOiJLT0R...",
        "refreshToken": "eyJraWQiOiJLT0R..."
    }
}

{
    "statusCode": 400,
    "statusMessage": "Failed to refresh token",
    "error": "Invalid Refresh Token"
}

{
    "statusCode": 400,
    "statusMessage": "Missing refresh token"
}

PreviousOverview NextStatus Codes

Last updated 6 months ago