Redirect Manager

Authentication API

Authentication endpoints for the Redirect Manager API

Learn how to login, logout, and manage your session tokens.

POST

/api/v1/auth/login

Login

Authenticate with username and password to receive a JWT access token and a refresh token (via cookie).

Request Body

Provide your credentials to obtain an authentication token.

Parameters:

ParameterTypeRequiredDescription
usernamestringRequired

User username for authentication

Example: admin

passwordstringRequired

User password for authentication

Example: your_secure_password

Example:

{
  "username": "admin",
  "password": "your_secure_password"
}

Response Status Codes

Possible response codes for the login endpoint.

200 OK

Login successful. Returns JWT access token. Sets 'refreshToken' as an HttpOnly cookie.

Example Response:

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600
}
401 Unauthorized

Unauthorized. Invalid username or password.

Example Response:

{
  "error": {
    "message": "Invalid credentials"
  }
}
POST

/api/v1/auth/logout

Logout

Invalidate the current session and clear authentication cookies.

Request Headers

Provide your bearer token to logout. The refresh token cookie must also be present.

Request Headers:

HeaderTypeRequiredDescription
AuthorizationstringRequired

Bearer token for authentication

Example: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Example:

{
  "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Request Body

Optional parameters for logout.

Parameters:

ParameterTypeRequiredDescription
allDevicesbooleanOptional

If true, logs out from all devices by invalidating all refresh tokens for the user.

Example: true

Example:

{
  "allDevices": false
}

Response Status Codes

Possible response codes for the logout endpoint.

204 Response

Logout successful. Clears 'refreshToken' cookie. No response body.

401 Unauthorized

Unauthorized. No token provided or invalid token.

Example Response:

{
  "error": {
    "message": "No jwt token provided"
  }
}
POST

/api/v1/auth/refresh

Refresh Token

Issue a new JWT access token and rotate the refresh token using the existing refresh token cookie.

Cookie Requirements

This endpoint requires the refreshToken cookie to be present in the request.

Response Status Codes

Possible response codes for the refresh token endpoint.

200 OK

Token refreshed successfully. Returns new JWT access token. Also updates the 'refreshToken' cookie.

Example Response:

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600
}
401 Unauthorized

Unauthorized. No refresh token provided or token is invalid/expired.

Example Response:

{
  "error": {
    "message": "No refresh token provided"
  }
}