Authentication

The Rich API implements JSON Web Token (JWT) based authentication, providing secure access independent of traditional account credentials. This documentation outlines the authentication mechanisms and token management procedures.

Standard Authentication

Authenticated requests must carry a JWT pair (access_token and refresh_token) in the HTTP request headers:

http
Authorization: Bearer <access_token>
refresh-token: <refresh_token>

All authenticated requests must include both headers in the specified format.

Token Validity

Token expiration intervals:

  • access_token: Valid for 30 minutes
  • refresh_token: Valid for 2 hours

Example header implementation:

http
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.YXRpb24iOiJoeXBlcnN0YWNrIiwiYWNjZXNzIjoiZ1B1ZXhhQklUU0AyMDI1Iiwidm...
refresh-token: eyJ0eXBlIjoib3JnYW5pemF0aW9uX2FjY2Vzc19rZXkiLCJvcmdhbml6.c3MiOiJnUHVleGFCSVRTQDIwMjV0ZXN0IiwidmVyc2lvbnMiOiIxL...

For simplified token management, consider utilizing the API Token authentication method.

API Token Authentication

Rich API supports persistent API Token authentication as an alternative to the standard JWT pair mechanism. For comprehensive API Token documentation, refer to our API Token Guide.

API Token requests require a single authorization header:

http
Authorization: Bearer <api_token>

Authentication Endpoint

HTTP Request

POST {API_URL}authenticate/login

Body Parameters

Parameter   Requirement   Type     Description
username    Required      string   Account identifier
password    Required      string   MD5 hash of the password (hex string)

Response Structure

status boolean

Operation result indicator. Returns true for successful execution, false when encountering an error.

message string

Descriptive response indicating the authentication outcome.

data object

Authentication credentials containing access_token and refresh_token.

Implementation Example

Request

bash
curl -X POST '{API_URL}authenticate/login' \
-H 'Content-Type: application/json' \
-d '{
    "username": "username",
    "password": "234c72abc4b1c987e832837cbb457aer"
}'

Response

json
{
    "status": true,
    "message": "Authentication successful",
    "data": {
        "username": "username",
        "email": "email",
        "access_token": "",
        "refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJlbWFpbCI6InRlYW1AZXhhYml0cy5haSIsInVzZXJuYW1lI..."
    }
}
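
The login flow and token lifetimes described above, as an added client-side sketch (not Rich API's own code): it builds the login body, rejects a response that lacks a token, and tracks when each token stops being usable. Assumptions: the digest is the unsalted lowercase hex MD5 of the UTF-8 password, lifetimes count from the moment of login, and the names `login_request`, `Session` and `SKEW` are hypothetical.

```python
import hashlib
import json
import time
from dataclasses import dataclass

ACCESS_TTL = 30 * 60       # access_token lifetime stated on this page (seconds)
REFRESH_TTL = 2 * 60 * 60  # refresh_token lifetime stated on this page (seconds)
SKEW = 60                  # assumption: treat tokens as expired one minute early

def login_request(api_url, username, password):
    """Build (url, JSON body) for POST {API_URL}authenticate/login."""
    # The server accepts the MD5 digest itself, so the digest is as sensitive
    # as the password: refuse to build a request for a non-TLS URL.
    if not api_url.startswith("https://"):
        raise ValueError("API_URL must be an https:// URL")
    digest = hashlib.md5(password.encode("utf-8")).hexdigest()
    body = json.dumps({"username": username, "password": digest})
    return api_url + "authenticate/login", body

@dataclass
class Session:
    access_token: str
    refresh_token: str
    issued_at: float

    @classmethod
    def from_login_response(cls, raw, now=None):
        """Parse the login response; reject failures and missing tokens."""
        doc = json.loads(raw)
        data = doc.get("data") or {}
        if doc.get("status") is not True:
            raise ValueError("login rejected: %s" % doc.get("message"))
        if not data.get("access_token") or not data.get("refresh_token"):
            raise ValueError("login response lacks a token")
        issued = time.time() if now is None else now
        return cls(data["access_token"], data["refresh_token"], issued)

    def state(self, now=None):
        """'valid', 'access_expired' (refresh_token still live) or 'login_required'."""
        age = (time.time() if now is None else now) - self.issued_at
        if age < ACCESS_TTL - SKEW:
            return "valid"
        return "access_expired" if age < REFRESH_TTL - SKEW else "login_required"

    def headers(self, now=None):
        """Both headers the page requires on every authenticated request."""
        if self.state(now) == "login_required":
            raise RuntimeError("both tokens expired; log in again")
        return {"Authorization": "Bearer " + self.access_token,
                "refresh-token": self.refresh_token}
```

How the server treats an expired access_token that arrives with a live refresh_token is not covered on this page, so the `access_expired` state only reports the condition.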