token_create

POST 
/public-api/token/

Authenticate with your username and password to obtain an access token and a refresh token.

How to obtain a token pair

1. Send a POST request to this endpoint with your username and password.

   Example request body:

     "username": "john.doe",
     "password": "ExamplePassword123!"

2. Receive a response containing:

   • access: use this token to authenticate API requests.
   • refresh: use this token to obtain a new token pair when the access token expires.

   Example response body:

     "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.access-token-example",
     "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.refresh-token-example"

3. Use the access token in the Authorization header for protected endpoints.

   Example header:

   Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.access-token-example

4. When the access token expires after 15 minutes, use the refresh token at the endpoint /token/refresh/ instead of calling this endpoint again.

5. When the refresh token expires after 60 days, authenticate again with your username and password to obtain a new token pair.

Important notes

1. Do not use this endpoint repeatedly to get new access tokens, because the number of outstanding tokens is limited.
2. Prefer /token/refresh/ to continue an authenticated session.
3. If too many failed login attempts occur, the endpoint may temporarily return 429 Too Many Requests.

Request

Responses

200

400

No Content

401

Unauthorized

403

Forbidden: Too many outstanding tokens

429

Too Many Requests: Too many failed login attempts