Logo

Hover an endpoint and click the pin icon to pin it here.

POSTAccess Token
POSTRefresh Token
v1.0.0
Admin
post
api.monogoto.io/v1/auth/token

Access Token

Rate limited
5 reqevery 1 minute·keyed byIP

Authenticate user credentials and obtain a bearer access token. Token expires after 4 hours and must be included in the authorization header for all protected endpoints.

Request Body

required

User credentials for authentication

application/json
object
usernamestring · email
required

User email address

passwordstring · password
required

User password

Responses

Authentication successful - Returns access and refresh tokens

application/json
object

Successful authentication response containing JWT tokens

token_typestring
required

Type of token (always Bearer)

enum:"Bearer"
access_tokenstring
required

JWT access token for API authentication. Use in Authorization header as: Bearer <access_token> Token is valid for 4 hours

refresh_tokenstring
required

JWT refresh token for obtaining new access tokens. Store securely and use when access token expires.

  1. Single-use only (token rotation)
  2. Each token is valid for 24 hours
  3. After successful refresh, this token becomes invalid
  4. New refresh token is issued with each refresh

Related

1
POST

Refresh Token

/v1/auth/refresh

Was this page helpful?

/
curl -X POST 'https://api.monogoto.io/v1/auth/token' \
  -H 'Content-Type: application/json' \
  -d '{
  "username": "user@example.com",
  "password": "P@ssword123"
}'

Authentication successful - Returns access and refresh tokens

{
  "token_type": "Bearer",
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}