Authentication

The API uses Access Token for authentication, offering an alternative authentication method independent of your account username and password. Follow the instructions below to effortlessly generate an API Access Token with just a few clicks using the Exabits platform.

To authenticate, you need to send a JSON Web Token (JWT) in the authorization header of the HTTP request.

Authorization: Bearer <access_token>
refresh-token: <refresh_token>

All API calls that require authentication expect HTTP header in the form of Authorization: Bearer <access_token> and refresh-token: <refresh_token>.

NOTE

Be mindful of the expiration times for the access_token and refresh_token. The access_token is valid for 30 minutes , while the refresh_token is valid for 2 hours.

For example:

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoib3JnYW5pemF0aW9uX2FjY2Vzc19rZXkiLCJvcmdhbml6...
refresh-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoib3JnYW5pemF0aW9uX2FjY2Vzc19rZXkiLCJvcmdhbml6...

If you don't want to manage the validity of the access_token and refresh_token, you can opt to use an API Token.

API Token

The Exabits API can also use an API Token for authentication, offering an alternative authentication method independent of your account access_token and refresh_token. For additional information on API Tokens, click here.

All API calls that require authentication expect HTTP header in the form of Authorization: Bearer <api_token>.

For example:

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoib3JnYW5pemF0aW9uX2FjY2Vzc19rZXkiLCJvcmdhbml6...

HTTP Request

POST {API_URL}authenticate/login

Body parameters

Parameters	Requirements	Type	Description
`username`	Required	`string`	Login username
`password`	Required	`string`	Password using `md5` encryption

Reponse Attributes

status `boolean`

Indicates the result of the request to create virtual machine. true signifies success, while false indicates an error.

message `string`

A description of the status of the request.

data `object`

An jwt access info, containing access_token and refresh_token .

Example

Request

curl -X POST '{API_URL}authenticate/login' \
-H 'Content-Type: application/json' \
-d '{
    "username":"username",
    "password":"176c72ecb4b1c786e832837cbb457b4c"
}'

Response

{
    "status": true,
    "message": "Login successful!",
    "data": {
        "username": "username",
        "email": "email"
        "access_token": "",
        "refresh_token": "YRjxLpsjRqL7zYuKstXogqioA_P3Z4fiEuga0NCVRcDSc8cy_9msxg"
    }
}

Authentication ​

API Token ​

Login ​

HTTP Request ​

Body parameters ​

Reponse Attributes ​

status boolean ​

message string ​

data object ​

Example ​

Request ​

Response ​