Authentication

The API requires you to login if you want to access protected endpoints. Currently only one account is possible, but later an admin can create as many accounts as needed.

The user that issued a request is recognized by a session token in the Authorization-HTTP Header.

Format: Authorization: Token <token>

Login

To obtain a session token, you need to login. This is done by POST /account/login.

Once logged in, the token has to be transmitted in the header of every request like shown above.

Logout

For security reasons its recommended to delete a session if it's no longer needed. This can be done by GET /account/logout.

Beyond that, sessions expire after 2 hours by default. This can be changed in the server config.

Home

API

Authentication

Request/ Response Format

Resources

Server

Account

Misc

WebSocket

Protocol

Server Architecture

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Authentication

Authentication

Login

Logout

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally