Spanish
Page cover

Authentication

Yativo Authentication System

The Yativo API provides an auth/login endpoint that allows you to generate a bearer token by passing your account credentials. This token is essential for accessing protected resources within the Yativo system.

Example Request

To request a bearer token, send a POST request to the auth/login endpoint with your account_id and app_secret Which can be found in settings of your Yativo Business Dashboard.

Endpoint URL:

POST {{baseUrl}}/auth/login

Request Headers:

Content-Type: application/json

Request Body:

{
  "account_id": "account_id",
  "app_secret": "app_secret"
}

Example Request Using cURL:

curl -X POST {{baseUrl}}/auth/login \
-H "Content-Type: application/json" \
-d '{
    "account_id": "account_id",
    "app_secret": "app_secret"
}'

Example Response

Upon successful authentication, the response will include the access_token, token_type, and expires_in fields.

{
    "status": "success",
    "status_code": 200,
    "message": "Request successful",
    "data": {
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vMTI3LjAuMC4xOjkwMDAvYXBpL3YxL2F1dGgvbG9naW4iLCJpYXQiOjE3MTY4OTg0NTQsImV4cCI6MTcxNjg5OTA1NCwibmJmIjoxNLCJqdGkiOiJsZWZEejJGZW1WQjR5YnNBIiwic3ViIjoiNyIsInBydiI6IjIzYmQ1Yzg5NDlmNjAwYWRiMzllNzAxYzQwMDg3MmRiN2E1OTc2ZjcifQ.U7tM5B45f64eCsEk5t0nJFepsKo2tvjyAJEqu8Gh2tk",
        "token_type": "bearer",
        "expires_in": 600 //time in seconds 600 seconds = 10 mins
    }
}

Using the Bearer Token

Once you have the access_token, include it in the Authorization header for all subsequent API requests to protected endpoints.

Example Header:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vMTI3LjAuMC4xOjkwMDAvYXBpL3YxL2F1dGgvbG9naW4iLCJpYXQiOjE3MTY4OTg0NTQsImV4cCI6MTcxNjg5OTA1NCwibmJmIjoxNLCJqdGkiOiJsZWZEejJGZW1WQjR5YnNBIiwic3ViIjoiNyIsInBydiI6IjIzYmQ1Yzg5NDlmNjAwYWRiMzllNzAxYzQwMDg3MmRiN2E1OTc2ZjcifQ.U7tM5B45f64eCsEk5t0nJFepsKo2tvjyAJEqu8Gh2tk

By following these steps, you can authenticate with the Yativo API and securely access its protected resources using the provided bearer token.

Login

post

Auth Login

This endpoint is used to authenticate a user and obtain an access token for further API requests.

Request Body

  • email (text) - The email of the user for authentication.
  • password (text) - The password of the user for authentication.

Response

  • status - The status of the authentication request.
  • status_code - The status code of the response.
  • message - A message indicating the result of the authentication request.
  • data - An object containing the access token details:
    • access_token - The token used for authentication in subsequent requests.
    • token_type - The type of token.
    • expires_in - The duration in seconds for which the token is valid.

Example Response

{
    "status": "success",
    "status_code": 200,
    "message": "Request successful",
    "data": {
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
        "token_type": "bearer",
        "expires_in": 3600
    }
}
Body
all ofOptional
and
anyOptionalExample: {"account_id":"dG93b2p1YWRzQGdtYWlsLmNvbQ==","app_secret":"f7d69513-40d8-49d1-8180-50ceb0a20d6a"}
Responses
200
OK
application/json
Responseall of
and
anyOptionalExample: {"status":"success","status_code":200,"message":"Request successful","data":{"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3plZS50ZXN0L2FwaS92MS9hdXRoL2xvZ2luIiwiaWF0IjoxNzA0OTAxODU3LCJleHAiOjE3MDQ5MDU0NTcsIm5iZiI6MTcwNDkwMTg1NywianRpIjoiRGFyR1RpUkFVZElFdThEZiIsInN1YiI6IjEiLCJwcnYiOiIyM2JkNWM4OTQ5ZjYwMGFkYjM5ZTcwMWM0MDA4NzJkYjdhNTk3NmY3In0.KtjKgURXSVuWfgtQFvpqo19hb0yCuI4Nijzb_hRw1D4","token_type":"bearer","expires_in":3600}}
post
POST /api/v1/auth/login HTTP/1.1
Host: smtp.yativo.com
Content-Type: application/json
Accept: */*
Content-Length: 97

{
  "account_id": "dG93b2p1YWRzQGdtYWlsLmNvbQ==",
  "app_secret": "f7d69513-40d8-49d1-8180-50ceb0a20d6a"
}
200

OK

{
  "status": "success",
  "status_code": 200,
  "message": "Request successful",
  "data": {
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3plZS50ZXN0L2FwaS92MS9hdXRoL2xvZ2luIiwiaWF0IjoxNzA0OTAxODU3LCJleHAiOjE3MDQ5MDU0NTcsIm5iZiI6MTcwNDkwMTg1NywianRpIjoiRGFyR1RpUkFVZElFdThEZiIsInN1YiI6IjEiLCJwcnYiOiIyM2JkNWM4OTQ5ZjYwMGFkYjM5ZTcwMWM0MDA4NzJkYjdhNTk3NmY3In0.KtjKgURXSVuWfgtQFvpqo19hb0yCuI4Nijzb_hRw1D4",
    "token_type": "bearer",
    "expires_in": 3600
  }
}
PreviousSecurityNextIdempotency in API Requests

Last updated