To interact with the API, clients must first log in and obtain an access token.
This token is required to authenticate all subsequent requests.
Steps
-
Call Get Access Details for a User (
POST /login) with email + password. -
Retrieve the
access_tokenfrom the response. -
Use this token in the
Authorization: Bearer <access_token>header for all API requests. -
When the token expires, request a new one using the
refresh_token.
Endpoint
POST /login
📄 API Documentation
Alternatively, you can also check the 📦Postman Collection
Request
The login request must include the following parameters in the body (JSON):
|
Field |
Type |
Required |
Description |
|---|---|---|---|
|
|
string |
✅ |
The email address associated with the user. |
|
|
string |
✅ |
The password associated with the account. |
{
"email": "...",
"password": "..."
}
Response
On success (200 – Successful Login), the response includes authentication tokens and user information:
{
"tokens": {
"access_token": "eyJhbGciOiJIUzI1NiIsInR...",
"expires": 1712345678,
"refresh_token": "dGhpc2lzbXlyZWZyZXNodG9rZW4...",
"refresh_expires": 1713456789
},
"user": {
"id": 12345,
"email": "user@example.com",
...
}
}
Authentication
-
Use the
access_tokenfrom the response to authenticate subsequent API requests. -
Pass it in the header:
Authorization: Bearer <access_token>
Available Endpoints
For the full list, please refer to this document: API Endpoints
Token Expiration
-
expires→ Unix timestamp when the access token will expire. -
refresh_token→ Use this to request a new access token. -
refresh_expires→ Unix timestamp when the refresh token itself will expire.