Authentication

All stable API routes use the /api/v1 prefix. Send your bearer token with every API request:

Authorization: Bearer <access_token>

Successful responses are wrapped in a data object.

{
  "data": {}
}

POST /api/v1/auth/login
Content-Type: application/json

{
  "email": "[email protected]",
  "password": "your-password"
}

The response includes an access token, refresh token, token type, and user profile.

Refresh access

POST /api/v1/auth/refresh
Content-Type: application/json

{
  "refreshToken": "<refresh_token>"
}

⌘I