Authentication

POST /api/auth/login

First you need to get a token in order to make API requests. You need to make a POST request to the /api/auth/login endpoint with the following data:

{
  "username": "your-username",
  "password": "your-password"
}

If successful you should get a response like the following:

{
  "token": "eyTMjU2IiwiY...4Q0JDLUhWxnIjoiUE_A",
  "user": {
    "id": "cd33a605-d785-42a1-9365-d6cad3b7befd",
    "username": "your-username",
    "createdAt": "2020-04-20 01:00:00"
  }
}

Save the token value and send an Authorization header with all your data requests with the value Bearer <token>. Your request header should look something like this:

Authorization: Bearer eyTMjU2IiwiY...4Q0JDLUhWxnIjoiUE_A

For example, with curl it would look like this:

curl https://{yourserver}/api/websites
   -H "Accept: application/json"
   -H "Authorization: Bearer <token>"

The authorization token is expected with every API call that requires permissions.


POST /api/auth/verify

You can verify if the token is still valid.

Sample response

{
    id: "1a457e1a-121a-11ee-be56-0242ac120002",
    username: "umami"
    role: "admin",
    isAdmin: true,
}