Tokens
Access Tokens
When making an API request, include the access token in an authorization header of type Bearer.
'Authorization: Bearer [access token]'
curl --location --request GET 'http://localhost/api/stations'
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTYzMTQwNjE4MSwianRpIjoiMmE1NWZlMmMtMjg1Ny00OTJmLTkyMzEtZTlkOTUzZDFhNzZhIiwidHlwZSI6ImFjY2VzcyIsImlkZW50aXR5IjoibWdvcmRvbiIsIm5iZiI6MTYzMTQwNjE4MSwiZXhwIjoxNjMxNDA3MDgxfQ.65uARe8bQuNXHqVk2ykYxe-VeStQChY_Z5mEZ3Sqhec'
After 15 minutes, the access token will have expired and a new one will need to be generated.
Refresh Tokens
To refresh your access token, access the /api/users/refresh endpoint. Include the Bearer Authorization header, but instead of using the access token, include the refresh token given to you when you first accessed the login endpoint.
A new access token will be returned to you in the body. You can now use this token in the authorization header when making API requests.
After 30 days, the refresh token will expire. In order to generate a new refresh token, you must go through the login process again.
Application Tokens
If you would prefer to avoid having to refresh an expired token, you can generate an application token, which is a non-expiring access token. These can only be created by users with the type set to "application."
Note: For security, we recommend Cloud customers stick with using the refresh token.
To create this token, access the /api/users/application-token endpoint using your refresh token as the Bearer authorization header.
curl --location --request POST 'http://localhost/api/users/application-token'
--header 'Content-Type: application/json'
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTYyOTQwMjYxMCwianRpIjoiZGQ2ZjFiYTctOTU4Yi00MTJmLWJkNjktOTJkZGUwMTE2NDczIiwidHlwZSI6InJlZnJlc2giLCJpZGVudGl0eSI6Im1nb3Jkb24iLCJuYmYiOjE2Mjk0MDI2MTAsImV4cCI6MTYzMTk5NDYxMH0.bUDN3lswIp5m-YouXVbbHPiizLrelOE_AZ7lB_HUX2k'
In the body of the response will be the application token:
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTYzMTQwNjUxMCwianRpIjoiN2Q4YTAwZmEtNGZiOC00MmUyLWE1MGQtMzZkNWQ3Y2M1YTBmIiwidHlwZSI6ImFjY2VzcyIsImlkZW50aXR5IjoibWdvcmRvbiIsIm5iZiI6MTYzMTQwNjUxMH0.T_dYn0Mc4hjDo2WyQ_e3zMEOYmQiBWVzlyW_gQaE62c"