Authentication API

Endpoint to obtain authenticate token

1. Obtaining Access Token

Before accessing any endpoints, clients need to obtain an access token through the authentication process, using Username and Password The access token serves as a credential to authenticate the client’s requests to the API.

POST /token

Request - Body



username = username

password = password

Response

{

    "access_token": <access-token>, # with 30 minute expire

    "token_type": "bearer"

}

Sample Request



curl --location 'http://34.49.156.36/token' \

--header 'accept: application/json' \

--header 'Content-Type: application/x-www-form-urlencoded' \

--data-urlencode 'grant_type=' \

--data-urlencode 'username=abc' \

--data-urlencode 'password=abc@09876' \

--data-urlencode 'scope=' \

--data-urlencode 'client_id=' \

--data-urlencode 'client_secret='

2. Including Access Token in Requests

After obtaining the access token, clients include it in the Authorization header of subsequent requests as a Bearer token.

Sample Request

curl --location ' https://api-staging.crazygoldfish.com/v1/evaluation/' \

--header 'accept: application/json' \

--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzIiwiZXhwIjoxNzEyNTY2MDg0fQ.LOWAwIbbZ_hc7Y20CZwsXgSyOTUMoncc51S0a8qmFy0' \

--header 'Content-Type: application/json' \

--data '{

  "client_id": "0001",

  "student_id": "S0001",

  "student_name": "name",

  "subject": "english",

  "institution_id": "I0001",

  "teacher_id": "T0001",

  "parent_id": "P0001",

  "class_info": "8",

  "image_urls": [

    "https://storage.googleapis.com/ncert-images/english/WhatsApp%20Image%202024-03-05%20at%208.16.56%20PM_4.jpeg"

  ]

}'

3.Conclusion

The authentication process using a Bearer token ensures secure access to the API endpoints while allowing clients to authenticate their requests efficiently. By following this process, clients can obtain, include, and refresh access tokens to interact with the API securely and seamlessly.