# Auth API
The Auth APIs are used to retrieve a JWT for use in other API requests.
Unlike the other API endpoints, the base endpoint URL for the Auth API is https://app.getquorum.com/auth.
# Rate Limits
The Auth API has a separate, and lower rate limit from the rest of the GetQuorum API to prevent abuse.
# Auth Endpoints
# Create a JWT
Use this API to retrieve a JWT using user's credentials.
POST /token
# Request
{
"username": "user@email.com",
"password": "your_super_Secret_password",
"mfaToken": "242123"
}
| Property | Type | Description |
|---|---|---|
| username | string | User name |
| password | string | Password |
| mfaToken | string | The multi-factor challenge token |
# Response
{
"access_token": "eyJz93a...k4laUWw",
"refresh_token": "eyJz93a...k4laUWw",
"token_type": "Bearer",
"expires_in": 300,
"grant_type": "username+password"
}
Description:
| Property | Type | Description |
|---|---|---|
| access_token | string | The JWT to be used for future requests |
| refresh_token | string | Refresh token to be used to obtain new JWTs |
# Refresh a JWT
Use this API to retrieve a new JWT using a refresh token
POST /oauth/refresh/
# Request
{
"refresh_token": "eyJz93a...k4laUWw"
}
| Property | Type | Description |
|---|---|---|
| refresh_token | string | The refresh token |
# Response
{
"access_token": "eyJz93a...k4laUWw",
"token_type": "Bearer",
"expires_in": 300,
"grant_type": "refresh_token"
}
Description:
| Property | Type | Description |
|---|---|---|
| access_token | string | The JWT to be used for future requests |