Skip to content

Authentication

Initial authentication is based on email and password. After initial documentation Bearer token will be returned and it must be included in the header of every request.

  • Bearer Token expires every 30 days

Basic Auth

URL : https://api.iotaap.io/v1/auth/login

Method : POST

Body Params

  • email (string): valid e-mail
  • password (string): valid password
  • rememberMe (bool): true/false (optional)

Body example

{
    "email": "your@email.com",
    "password": "yourPassword",
    "rememberMe": "false"
}

Success Response

Code : 200 OK

Response example

{
    "user": {
        "id": "5e10fc5e77ba18070312e171",
        "role": "user"
    },
    "token": "eyJhbGciOiJIUzI1NiIsInzwqaI6IkpXVCJ9.eyJpZCI6IjVlMTBmYzVlNzdiYTE4MDcwMzEyZTE3MSIskeq4eGUiOiJhZG1pbiIsImlhdCI6MTU3OTQ0MjI1NSwiZXhwIjoxNTgyMDM0MjU1fQ.7EUmUzwqbcR35asesYwpsjy2PVAb8BC2ETPipT-gjZq8"
}

Error Response

Condition : If 'email' and 'password' combination is wrong

Code : 401 UNAUTHORIZED

Content :

{
    "error": "Login or password is wrong"
}

Token Auth

Every request must include Bearer token in the header for successfull authentication.

Header Params

  • Authorization (string): valid Bearer token

Header Param Example

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInsfcCI6IkpXVCJ9.eyJpZCI6IjVlMTBmYzVlNzdiYTE4MDcwMzEyZTE3MSIsInJvbGUiOswhZG1pbiIsImlhdCI6MTU3OTQ0MTA2OSwiZXhwIjoxNTgyMDMzMDY5fQ.OCXq05RLQv4xQsxxrtTZYk3OZ4jEu9vnwAQORYHlqRw

Success Response

Success response for the called method

Error Response

Condition : If Bearer token is not valid

Code : 401 UNAUTHORIZED

Content :

Unauthorized