Skip to main content

Amani REST API

Amani REST API uses JSON Web Token authentication. There are two types of tokens used in the Amani system:

  • User token: Token obtained by logging in to the system. With the user token, users can perform all actions within their permission groups.

  • Profile token: Token obtained by creating a profile. With the profile token, users can only perform actions related to that profile.

Login

On server side you must first login with your credentials and get a user token for next steps. This token should be used only on server side requests and not used on Web SDK link.

curl '<base_url>/api/v2/user/login' \
-H 'Content-Type: application/json' \
--data '{
"username": "user@account.com",
"password": "password"
}'

Response includes the user information, refresh token and access token you can use for the rest of the API requests.

{
"id": "user uuid",
"username": "username",
"first_name": "first name",
"last_name": "last name",
"phone": "phone number",
"refresh": "refresh token",
"access": "access token",
"groups": [
// permission group of the user
],
"company_id": "company uuid",
"permissions": [
// list of permissions user have
]
}

Refresh Token

You can refresh your user or profile token.

curl '<base_url>/api/v2/token/refresh/' \
-H 'Content-Type: application/json' \
--data '{
"refresh": "<profile_refresh_token>/<user_refresh_token>"
}'

Response:

{
"access": "<new_profile_token>/<new_user_token>"
}