User authentication

1. Get access and refresh token

Request

POST https://www.iofrog.com/api/v1/auth/signin
{
  "username": "username",
  "password": "password"
}

Response

{
  user:
    {
      "firstName": "firstName",
      "lastName": "lastName",
      "isActivated": "true/false"
    },
  token:
    {
      "accessToken": "accesstoken",
      "refreshToken": "refreshtoken"
    }
}

2. Store access and refresh token

Store tokens in your application, for example in local browser storage in case of web application

3.Put access token in every http header

Request header

Content-Type: application/json
Authorization: Bearer access_token

4. Get new access token using refresh token

Access token expires quickly. Once it expires, the server sends 401. In such case, use refresh token and get a new access token

Request

POST https://www.iofrog.com/api/v1/auth/token/refresh
{
  "refreshToken": "refresh_token"
}

Response

{
  "token": {
    "accessToken": "access_token"
  }
}