Token Generation

Once a user has been created and issued an identifier and secret, they can generate an authentication token to access the Smart Search API. This token is required for all authorized API requests and serves as proof of identity.

✅ Generate a Token

To generate a token, the user sends a POST request to the /token endpoint.

Endpoint:

POST /token

Request Body:

{
  "identifier": "glchat_user",
  "secret": "user_secret_here"
}

identifier: The unique identifier for the user (provided during creation)
secret: The secret value assigned to the user

Sample Response:

{
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
    "token": "string",
    "token_type": "string",
    "expires_at": "2019-08-24T14:15:22Z",
    "is_revoked": true,
    "user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
    "client_id": "5b3fa7ba-57d3-4017-a65b-d57dcd2db643"
}

token: A valid authentication token (e.g., JWT or similar)

🔐 Using the Token

Include the token in the Authorization header of every API request that requires authentication:

Authorization: Bearer <token>

👤 Get Authenticated User

To fetch the current authenticated user's information (based on the token), send a GET request to the /token endpoint with the token included in the Authorization header.

Endpoint:

GET /token

Headers:

Authorization: Bearer <token>

Sample Response:

{
  "username": "string",
  "scopes": []
}

This endpoint helps confirm the identity of the token holder and is useful for session validation or debugging purposes.

PreviousClient and User Creation NextUser Access for Staging/Production

Last updated 2 months ago