Authorization
This document describes how to Sign-in and Authorize Flow API V1 requests.
Get a CSRF token
curl --location 'https://api.flow.gl/v1/csrf'Example response
{
"data": {
"_csrf": "mBezzKZ8-5QAI_ivMHsYlz_EDU7atf-xj0oI"
}
}Create session (Sign-in)
curl --location 'https://api.flow.gl/v1/session' \
--header 'Content-Type: application/json' \
--data-raw '{
"grant_type": "password",
"email": "user@flow.gl",
"password": "1234ABcd+",
"_csrf": "mBezzKZ8-5QAI_ivMHsYlz_EDU7atf-xj0oI"
}'
--requests POSTExample response
{
"data": {
"access_token": "a98a6dc92606d4ffc8e8e75574ea29e7",
"token_type": "bearer",
"expires_at": "2024-04-13T07:51:16.066Z",
"created_at": "2024-03-14T07:51:16.066Z",
"updated_at": "2024-03-14T07:51:16.066Z"
}
}Creating a session will set a cookie via `Set-Cookie` header, cookie name is `access_token`.
Set-Cookie:
access_token=a98a6dc92606d4ffc8e8e75574ea29e7; HttpOnly; Secure;Save `access_token` and send with each other request via `Cookie` header.
Check session state
curl --location 'https://api.flow.gl/v1/user/me' \
--header "Cookie: access_token=a98a6dc92606d4ffc8e8e75574ea29e7"Example response
{
"data": {
"id": 2,
"email": "user@flow.gl",
"username": "user",
"first_name": null,
"last_name": null,
"phone_number": null,
"organization": null,
"register_type": "regular",
"metadata": null,
"subscription": {
"id": 2,
"start_date": null,
"end_date": "2032-02-10T07:02:31.212Z",
"created_at": "2023-09-09T12:25:11.008Z",
"updated_at": "2023-09-09T12:25:11.008Z"
},
"access_token": "a98a6dc92606d4ffc8e8e75574ea29e7",
"ready_player_me_avatar_id": null
}
}
No Comments