API Authentication Flow

All API endpoints are protected by authentication to ensure that only authorized users and systems can access chatbot resources.

Authentication Overview

Before accessing any endpoint, a valid authentication token must be obtained through the login process. This token must be included in the API calls.

Login Endpoint

To obtain an authentication token, users must log in using the following endpoint:

POST /auth/direct-api-login

This endpoint requires the following parameters:

  • username — the username that has been configured for API access.

  • password — the password associated with that username.

The endpoint returns an authentication token that must be used for all subsequent API requests.

Token Usage

Once obtained, the token must be included in the request header for every authorized API call.

Token Expiration

  1. The authentication token is time-limited and will expire after a predefined duration from the time of issuance, as configured in StackAuth.

  2. After expiration, users must re-authenticate by calling the same login endpoint to obtain a new token.

  3. Tokens should always be stored securely and never exposed in logs or public environments.
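
An added example, not taken from this API's documentation or code, of a client that follows the flow above: it logs in, sends the token on each call, re-authenticates once when the token has expired, and keeps the token and password out of its repr. The JSON request body, the "token" response field, the "Authorization: Bearer" header and the 401 status on expiry are assumptions, since the page does not specify them.

```python
import json
import urllib.error
import urllib.request

LOGIN_PATH = "/auth/direct-api-login"  # endpoint named on the page


def urllib_send(method, url, headers, payload=None):
    """Send one JSON request; return (status, decoded JSON body or {})."""
    data = json.dumps(payload).encode() if payload is not None else None
    req = urllib.request.Request(url, data=data, method=method,
                                 headers={"Content-Type": "application/json", **headers})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.loads(resp.read() or b"{}")
    except urllib.error.HTTPError as err:
        return err.code, {}


class ApiClient:
    def __init__(self, base_url, username, password, send=urllib_send):
        self._base, self._user, self._pw, self._send = base_url, username, password, send
        self._token = None  # kept in memory only, never written to disk or logs

    def __repr__(self):  # keeps credentials and token out of logs and tracebacks
        return f"ApiClient(base_url={self._base!r}, token={'<set>' if self._token else '<none>'})"

    def login(self):
        status, body = self._send("POST", self._base + LOGIN_PATH, {},
                                  {"username": self._user, "password": self._pw})
        if status != 200 or "token" not in body:  # ASSUMPTION: field name "token"
            raise PermissionError(f"login failed with HTTP {status}")
        self._token = body["token"]

    def request(self, method, path, payload=None):
        if self._token is None:
            self.login()
        for attempt in (1, 2):
            # ASSUMPTION: token is sent as "Authorization: Bearer <token>"
            headers = {"Authorization": f"Bearer {self._token}"}
            status, body = self._send(method, self._base + path, headers, payload)
            if status != 401 or attempt == 2:  # ASSUMPTION: expired token -> 401
                return status, body
            self.login()  # token expired: re-authenticate once, then retry
```

The `send` parameter lets the same client run against a stub in tests, so real credentials never need to appear in test fixtures.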
