Authentication

How can I authenticate in Elyssa App to use the API?

To authenticate on each endpoint is very simple. Just insert you token on the "Authorization" header

Example

  'headers': {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer <api_token>'
  },

Remember to change the ficction token c7f35c84-7893-4087-b4fb-d1f06c23 for your valid token.

Get Authorization token

This endpoint is used to authenticate the company. Upon successful execution, it returns a status code of 200 along with a token in the response body.

Create token

POST https://api-elyssa-app.azurewebsites.net/auth/login/

This endpoint is used to authenticate company on Elyssa App and return token to use API. The token it's validate for 24 hr, after that time, you need use refresh token to generate a new token.

The refresh token it's validate for 360 days

Request Body

Name
Type
Description

companyId*

String

companyId

{
    "accessToken": "eyJhbGciOiJIInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI1NjQxMjMzNS1hMzVjLTRmYWQtYmExYy03NmEzMDY4MzAxYjUiLCJ1c2VybmFtZSI6ImFkbWluQGVseXNzYS5hcHAiLCJyb2xlIjoiVVNFUiIsIm9yZ2FuaXphdGltNGUwZC00ZjJmLWJlOTctMjZlMzU1Nzc4MzdmIiwiaWF0IjoxNzA1Njc5ODIyLCJuYmYiOjE3MDU2Nzk4MjIsImV4cCI6MTcwNTY4MzQyMiwiYXVkIjoiREFQVEFfzcyI6IkRBUFRBX0FVVEgifQ.iIo0ruJOZM8mdAYFbh1IHQaJBXRBlYzuTFBQ",
    "refreshToken": "eyJhbGciOiJIInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI1NjQxMjMzNS1hMzVjLTRmYWQtYmExYy03NmEzMDY4MzAxYjUiLCJ1c2VybmFtZSI6ImFkbWluQGVseXNzYS5hcHAiLCJyb2xlIjoiVVNFUiIsIm9yZ2FuaXphdGltNGUwZC00ZjJmLWJlOTctMjZlMzU1Nzc4MzdmIiwiaWF0IjoxNzA1Njc5ODIyLCJuYmYiOjE3MDU2Nzk4MjIsImV4cCI6MTcwNTY4MzQyMiwiYXVkIjoiREFQVEFfzcyI6IkRBUFRBX0FVVEgifQ.iIo0ruJOZM8mdAYFbh1IHQaJBXRBlYzuTFBQ"
}

If you try to access any endpoint without entering the "Authorization" header, or enter an invalid api_token, you will receive a response with status 401 (Unauthorized).

Refresh Token

POST https://api-elyssa-app.azurewebsites.net/auth/refresh/

This endpoint is used to authenticate and generate a new token

Request Body

Name
Type
Description

refresh*

String

refreshToken 

{
    "accessToken": "eyJhbGciOiJIInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI1NjQxMjMzNS1hMzVjLTRmYWQtYmExYy03NmEzMDY4MzAxYjUiLCJ1c2VybmFtZSI6ImFkbWluQGVseXNzYS5hcHAiLCJyb2xlIjoiVVNFUiIsIm9yZ2FuaXphdGltNGUwZC00ZjJmLWJlOTctMjZlMzU1Nzc4MzdmIiwiaWF0IjoxNzA1Njc5ODIyLCJuYmYiOjE3MDU2Nzk4MjIsImV4cCI6MTcwNTY4MzQyMiwiYXVkIjoiREFQVEFfzcyI6IkRBUFRBX0FVVEgifQ.iIo0ruJOZM8mdAYFbh1IHQaJBXRBlYzuTFBQ",
}

Remember, the access token is validate for 24 hrs

PreviousQuick StartNextAPI versioning

Last updated