The authentication is used to obtain a valid token that your application will use to connect to any routes of the API. The token has a shelf life of 15 minutes starting at the moment of acquisition, after which it must be re-acquired. When you use the token in a request, you are connected on behalf of the the user provided during the authentication and are restricted to the limitation of this user (see users roles and their permissions).

Request

Headers

Accept

application/json

Content-type

application/json

Body

username

Username of the user to connect on behalf-of

password

Password of the user

Response (200) - Success

Headers

Content-type

application/json

Cache-Control

no-cache,private

Body

success

Token has been acquired

token

The token to use within the Authorization header for the request

Response (401,503) - Authorized access

Headers

Content-type

application/json

Cache-Control

no-cache,private

Connection

close

Body

code

Error codes:

• 401.unauthorized: When providing wrong credentials or token expired

• 503.maintenance : When the server is currently on maintenance

message

Developer-friendly description of the code of error. Ex: “Invalid credential provided”