Password authentication

Use this flow if you want to simply authenticate your users with email and password credentials, and you do not want to configure a 3rd-party provider.

Getting Access Tokens

Signing up and authenticating an existing user both takes place by calling the /auth/token endpoint with the password grant.

curl --request POST \
  --url 'http://localhost:8000/auth/token' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data grant_type=password \
  --data username={{email}} \
  --data password={{password}}

If you are successfully authenticated, the token endpoint will respond with HTTP 200 and an application/json response body.

HTTP 200

{
  "access_token": "{{keel_access_token}}",
  "token_type": "Bearer",
  "expires_in": 86400,
  "refresh_token": "{{keel_refresh_token}}",
  "identity_created": false
}

Perform authenticated requests to your Keel APIs

After authenticating, proceed to use the access token you have received to perform authenticated requests to your Keel APIs. This is done by including the access token (prefixed with Bearer) in the Authorization header of the request.

curl --request POST \
  --url 'http://localhost:8000/api/json/searchAuthors' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ...' \
  --data '{ "where": { "name": { "startsWith": "Bob" } } }'

ID Token Tokens