Amani REST API

Amani REST API uses JSON Web Token authentication. There are two types of tokens used in the Amani system:

User token: Token obtained by logging in to the system. With the user token, users can perform all actions within their permission groups.
Profile token: Token obtained by creating a profile. With the profile token, users can only perform actions related to that profile.

On server side you must first login with your credentials and get a user token for next steps. This token should be used only on server side requests and not used on Web SDK link.

curl '<base_url>/api/v2/user/login' \
-H 'Content-Type: application/json' \
--data '{
    "username": "user@account.com",
    "password": "password"
}'

Response includes the user information, refresh token and access token you can use for the rest of the API requests.

{
  "id": "user uuid",
  "username": "username",
  "first_name": "first name",
  "last_name": "last name",
  "phone": "phone number",
  "refresh": "refresh token",
  "access": "access token",
  "groups": [
    // permission group of the user
  ],
  "company_id": "company uuid",
  "permissions": [
    // list of permissions user have
  ]
}

Refresh Token

You can refresh your user or profile token.

curl '<base_url>/api/v2/token/refresh/' \
-H 'Content-Type: application/json' \
--data '{
    "refresh": "<profile_refresh_token>/<user_refresh_token>"
}'

Response:

{
    "access": "<new_profile_token>/<new_user_token>"
}

Login​

Refresh Token​

Login

Refresh Token