Links
Comment on page

Authorization

API Authorization calls
The authorization controller is used to login to the API, in addition user management.
When a login call is completed, the API will return a bearer token which should be used in the auth header of all future calls. This token is set to expire 10 minutes after its generation.
A refresh token is also included in the login response, and this is used in the body of the refresh call to get new tokens with refreshed expiry times. Ensure a refresh call is made prior to any given bearer token's expiry to avoid having to login again.
post
/api/v1/auth/login
Login to engine API
post
/api/v1/auth/refresh
Refresh API tokens
post
/api/v1/auth/user
Add a new user
get
/api/v1/auth/user/{username}
Get user ID
get
/api/v1/auth/users
Get all users
get
/api/v1/auth/user/roles/{_id}
Get user roles
patch
/api/v1/auth/user/roles/{_id}
Set user roles
patch
/api/v1/auth/user/password/{_id}
Set user password
delete
/api/v1/auth/user/{_id}
Delete a user