These docs are for v0.0.1. Click to read the latest docs for v1.0.0.

Authentication

The OAuth2 framework is used for authentication. The basic flow is:

  • Username and password is forwarded to the token endpoint with a username and password.
  • User gets a long-lived refresh token and a short-lived access token.
  • (later) User uses refresh token to get a new short-lived access token using the token endpoint.

The token will be a base64 string, like ohrqPAqtQs-xVSltMhypTg,
which will be used in the Authorization header, like:

Authorization: Bearer ohrqPAqtQs-xVSltMhypTg

In the near future, we will also support a redirect workflow more suitable web-based applications with redirect URIs.