Skip to main content
All authorized endpoints require Authorization: Bearer <ACCESS_TOKEN> header in request!
Otherwise API client will receive an error message with status 401 - Unauthorized
Example Header: 
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtdXJhdG96ZGVtaXJAdGFybGEuaW8iLCJ1c2VySWQiOiJjOGI1OTQwZS01M2QyLTQwZGYtYTg4Yi0xMTBjODYxNTVjZmEiLCJyb2xlcyI6WyJBUElfVVNFUiIsIkFETUlOIl0sImxvY2FsZSI6InRyX1RSIiwidGltZVpvbmUiOiJFdXJvcGUvSXN0YW5idWwiLCJpYXQiOjE3NTMyMTA2MzQsImV4cCI6MTc1MzIxNDIzNH0.hfF1bjcNDhVthtpaZ_HkysA-zJH3VN1a6Sr59aRZbk0

1. Login Operation

Login Operations are Made With Username And Password
API Endpoint: /v1/auth/login
Example Request Payload: 
{
  "username": "name@domain.com",
  "password": "password"
}
Example Success Response: 
{
    "username": "name@domain.com",
    "type": "Bearer",
    "accessToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtdXJhdG96ZGVtaXJAdGFybGEuaW8iLCJ1c2VySWQiOiJjOGI1OTQwZS01M2QyLTQwZGYtYTg4Yi0xMTBjODYxNTVjZmEiLCJyb2xlcyI6WyJBUElfVVNFUiIsIkFETUlOIl0sImxvY2FsZSI6InRyX1RSIiwidGltZVpvbmUiOiJFdXJvcGUvSXN0YW5idWwiLCJpYXQiOjE3NTMyMDc1OTAsImV4cCI6MTc1MzIxMTE5MH0.fTCunl7i7yQ8nAuughBpvpRfdH8VFK8uhZWeTrDOPAc",
    "refreshToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtdXJhdG96ZGVtaXJAdGFybGEuaW8iLCJ1c2VySWQiOiJjOGI1OTQwZS01M2QyLTQwZGYtYTg4Yi0xMTBjODYxNTVjZmEiLCJsb2NhbGUiOiJ0cl9UUiIsInRpbWVab25lIjoiRXVyb3BlL0lzdGFuYnVsIiwiaWF0IjoxNzUzMjA3NTkwLCJleHAiOjE3NTMyOTM5OTB9.ozFiZzNPSUtzwvu3wuocA8q8t6MlqbyT6On2i0vSENQ"
}
Access Tokens are valid for only 1 hour. Refresh tokens are valid for 1 day!
Possible Error Responses: 
{
  "timestamp": "2025-04-14T16:58:22.22308754",
  "status": 401,
  "error": "Unauthorized",
  "message": "Bad credentials",
  "path": "/auth/login"
}

{
"timestamp": "2025-04-21T16:35:54.095818",
"status": 401,
"error": "Unauthorized",
"message": "User is disabled",
"path": "/auth/login"
}

2. Authentication Token Refresh Operation

When the Authentication Token expires, it is renewed using the refresh token
API Endpoint: /v1/auth/refresh
Example Request Payload: 
{
  "refreshToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtdXJhdG96ZGVtaXJAdGFybGEuaW8iLCJ1c2VySWQiOiJjOGI1OTQwZS01M2QyLTQwZGYtYTg4Yi0xMTBjODYxNTVjZmEiLCJsb2NhbGUiOiJ0cl9UUiIsInRpbWVab25lIjoiRXVyb3BlL0lzdGFuYnVsIiwiaWF0IjoxNzUzMjA3NTkwLCJleHAiOjE3NTMyOTM5OTB9.ozFiZzNPSUtzwvu3wuocA8q8t6MlqbyT6On2i0vSENQ"
}
Responses are similar to Login Operation
If you receive 401 - Unauthorized response to your API requests, refresh your access token.
If you still receive 401 - Unauthorized response to your Refresh Token requests, please Login before you proceed!