# Authorization

For authorisation a JWT token is required. It can be shared with the API following ways

As a header Authorization (Authorization: Bearer ${JWT_TOKEN})
As a query parameter (GET /api/users?token=${JWT_TOKEN}). Can be used for any query methods

If the token is invalid or expired, error as a response will be returned (refer to Errors page)

The easiest way to obtain a user token is to login to the System by using an email and password

POST /api/auth/login

# Request

{"email": "admin", "password": "admin", "user_type": "user"}

Key	Required	Description
`email`	`true`	User login
`password`	`true`	User password
`user_type`	`false`	User type. If empty, will be recognized automatically

# Response

{
  "token": "eyJ0eXAiOiJKV...vzGt5Op_UNcocfY",
  "user": {
    "id": 55,
    "email": "[email protected]"
  }
}

Key	Required	Description
`token`	`true`	JWT auth token
`user`	`true`	User data

TIP

In case of authorisation errors you will see the following response: "http 422" with the explanation of the reason or: "http 429" if there are too many authorisation errors.

← Base Request Structure Errors →

# Authorization

# Basic Password Login

# Request

# Response