Token authentication lets you obtain a token to use in requests to the Nexudus REST API without having to use admin credentials.
The general process to use token authentication is as follows:
- Get a short-lived authentication access token and a long-lived refresh token.
- Refresh the access token as needed by using a refresh token.
- Use the "Bearer" HTTP header to make requests to the REST API or the Public API.
Access tokens are generally short-lived and you should not assume they last for more than a few minutes or hours.
Heads up!
You should always keep your refresh tokens secure; treat them as passwords.
Authentication and Refresh Token
Gets a short-lived access token and a long-lived refresh token.
POST https://spaces.nexudus.com/api/token
grant_type=password&username=:email&password=:password
Content-type
Do not send a JSON body as part of this request. The grant_type and username parameters must be passed in as raw text in the body of the request.
Header | Type | Description |
---|---|---|
client_id | string | |
{
  "access_token": "v8hNJebN2....",
  "token_type": "bearer",
  "expires_in": 604799,
  "refresh_token": "2669808..."
}
{
  "error": "invalid_grant",
  "error_description": "The user name or password is incorrect."
}
Refresh Access Token
Gets a new short-lived access token based on a refresh token. Refreshing a token for a client ID will invalidate all previous refresh tokens for that client ID, but not existing access tokens that have not yet expired. Refresh tokens are valid for 15 days. If your refresh token has expired, you will need to use a username and password to create a new access token.
POST https://spaces.nexudus.com/api/token
Body:
grant_type=refresh_token&refresh_token=2669808...
Content-type
Do not send a JSON body as part of this request. The grant_type and username parameters must be passed in as raw text in the body of the request.
Header | Type | Description |
---|---|---|
client_id | string | |
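The three steps above, combined into one client-side helper. This is an added Python example, not Nexudus code: it gets tokens with the password grant, refreshes shortly before expiry, stores the rotated refresh token, and falls back to the credentials when a refresh is rejected. `TokenManager`, `urllib_post`, the injectable `post` and `clock` parameters and the 60-second `skew` are hypothetical names; it also assumes the refresh response has the same fields as the password response and that the bearer token is sent as `Authorization: Bearer <token>`.

```python
import json
import time
import urllib.error
import urllib.request
from urllib.parse import urlencode

TOKEN_URL = "https://spaces.nexudus.com/api/token"  # endpoint given on the page


def urllib_post(url, body, headers):
    """Assumed default transport: sends the form text as-is (urllib marks it form-urlencoded)."""
    req = urllib.request.Request(url, data=body.encode(), headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:  # e.g. the invalid_grant error body
        return err.code, json.load(err)


class TokenManager:
    """Hypothetical helper that keeps an access token fresh. Never log its fields."""

    def __init__(self, username, password, client_id, post=urllib_post, clock=time.time, skew=60):
        self._creds = {"username": username, "password": password}
        self._client_id, self._post, self._clock, self._skew = client_id, post, clock, skew
        self._access = self._refresh = None
        self._expires_at = 0.0

    def _request(self, **form):
        # Body is URL-encoded form text, never JSON; client_id is sent as a header.
        status, payload = self._post(TOKEN_URL, urlencode(form), {"client_id": self._client_id})
        if status != 200 or "access_token" not in payload:
            raise PermissionError(payload.get("error", "token request failed"))
        self._access = payload["access_token"]
        # A refresh invalidates earlier refresh tokens, so keep only the newest one.
        self._refresh = payload.get("refresh_token", self._refresh)
        self._expires_at = self._clock() + int(payload["expires_in"]) - self._skew

    def bearer_header(self):
        """Return the header for an API call, renewing the access token when needed."""
        if self._access is None or self._clock() >= self._expires_at:
            try:
                if self._refresh is None:
                    raise PermissionError("no refresh token yet")
                self._request(grant_type="refresh_token", refresh_token=self._refresh)
            except PermissionError:
                # Refresh token missing, expired or superseded: use the credentials again.
                self._request(grant_type="password", **self._creds)
        return {"Authorization": "Bearer " + self._access}
```

Merge the result of `bearer_header()` into the headers of each API request. Any other transport with the same `(url, body, headers) -> (status, dict)` shape can be passed as `post`.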