Login API
Request
POST /auth/login
Form Data
| Attribute |
Description |
| username |
Can be username or email address of the registered user |
| password |
Password provided by the user |
Response
There are 3 types of responses each associated with a status code.
| Status Code |
Description |
| 200 |
Login ok, token should be returned in response. |
| 406 |
Something is wrong. Check response for error message. |
| 400 |
Bad request format or not all attributes are provided. |
Note
To all the subsequent requests that perform CURD on Notes and Folder, you should pass the access_token over your header like the following
Authorization: Bearer <access_token>
Example:
Authorization: Bearer a.3f8f961077b54e0e76251dafd678qw34af00adf7d4418b2524bc2334fb1938f1
Response Examples
200
{
"message": "Login success",
"tokens": {
"access_token": "a.3f8f961077b54e0e76251dafd678qw34af00adf7d4418b2524bc2334fb1938f1",
"valid_for": 7200,
"refresh_token": "r.c7628b62bfbe5e19f101b2re893c27741dc504935527cf4d652aeaf28e8d178a",
"reference_token": "auth_grant",
"type": "api"
}
}
406
{
"error": "Detailed error message"
}
400
{
"error": "Bad request"
}
Refresh Access API
Request
POST /auth/refresh
Form Data
| Attribute |
Description |
| refresh_token |
<refresh_token_acquired_during_login> |
Response
There are 3 type of responses each associated with a status code.
| Status Code |
Description |
| 200 |
Refresh access is successful, token should be returned in response. |
| 406 |
Something is wrong. Check response for error message. |
| 400 |
Bad request format or not all attributes are provided. |
Note
To check if an access_token is valid, you can use Get Current User API.
Examples
200
{
"message": "Refresh Success",
"tokens": {
"access_token": "a.fcd25683d077219e29ef990f79ddff8946495186a9773af1e4bee633a0b99a5b",
"valid_for": 7200,
"refresh_token": "d.cf03600e7e505af7c4e90120838a05a3",
"reference_token": "r.786906ede70648bccc44af4d13a461f87e0331d080565fbe1fd2ac21ea2e524c",
"type": "api"
}
}
406
{
"error": "Detailed error message"
}
400
{
"error": "Bad request"
}
Signup API
Request
POST /auth/signup
Form Data
| Attribute |
Description |
username |
Any username without space, and must be alpha numeric. Some symbols are allowed. |
password |
Any password greater than 8 characters |
email |
Email address of the user to which verification is sent. Must be a valid one. |
Response
There are 3 types of responses.
| Status Code |
Description |
| 200 |
Signup Success and verification email sent. |
| 400 |
Bad Request Format or Not all attributes are available. |
| 409 |
User already exists |
Examples
200 OK
{
"message": "Signup success",
"userid": 26
}
400 Bad Request
{
"error": "Bad request"
}
409 Conflict
{
"error": "Unable to signup."
}