Logging in to the API


Before being able to access endpoints in the API, you'll need to have a username and password. The default user and password is available during the install process. Otherwise, you'll need to gain a username from a current authenticated user, either through the API, or the interface.

curl -L -g -X POST 'https://[yoursubdomain].itempath.com/api/users/login' \
-H 'Content-Type: application/json' \
--data-raw '{
  "username": "example_username",
  "password": "example_password"

A successful login will result in a status code of 200. If you receive a 404, double-check that your credentials are entered correctly.

On login, you'll receive a JWT access token and refresh token in the response. You'll want to save both tokens, which will be returned looking something like this:

    "refreshToken": "refresh_token_goes_here",
    "accessToken": "access_token_goes_here",
    "username": "example_username",
    "id": #


The access token will need to be passed in the header of every API request.

To keep ItemPath secure, the access token is only valid for 15 minutes. Using the refresh token will give you a new active access token, which you can read more about here.

If the username/password has been tagged as a software connection, you'll be able to upgrade your access token to be non-expiring.