API ReferenceAuthentication
Login
Authenticate with the API and receive access and refresh tokens
POST /auth/login
Exchange your API credentials for an access token and refresh token pair.
Request
curl -X POST https://api.octopuscards.io/auth/login \
-H "Content-Type: application/json" \
-d '{
"username": "your_api_key",
"password": "your_api_secret"
}'Request Parameters
| Key | Type | Required | Description |
|---|---|---|---|
username | string | Yes | Your API key retrieved from your dashboard |
password | string | Yes | Your API secret retrieved from your dashboard |
Response
{
"success": true,
"data": {
"access_token": "eyJhbGciOiJIUzI1NiIs...",
"refresh_token": "eyJhbGciOiJIUzI1NiIs...",
"access_expires_at": "2025-01-15T13:00:00Z",
"refresh_expires_at": "2025-01-22T12:00:00Z",
"client_id": 42
}
}Response Fields
| Key | Type | Description |
|---|---|---|
success | boolean | Always true on success |
data.access_token | string | JWT for authenticating API requests. Valid for 1 hour. |
data.refresh_token | string | JWT for obtaining new token pairs. Valid for 7 days. |
data.access_expires_at | string | ISO 8601 expiry timestamp for the access token |
data.refresh_expires_at | string | ISO 8601 expiry timestamp for the refresh token |
data.client_id | integer | Your client ID |
Errors
400 Bad Request - Missing required fields.
{
"error": {
"name": "ValidationException",
"code": "VALIDATION_FAILURE",
"message": "Username and password are required"
}
}Returned when username or password is empty or missing from the request body.