Skip to content
.seventhings.com

Prefill your credentials

Fill in your non-secret values to have them appear in the examples below. Stored locally in your browser.

Obtain an access token

POST
/customer-api/v1/auth_token
curl --request POST \
--url https://your-instance.seventhings.com/customer-api/v1/auth_token \
--header 'Content-Type: application/json' \
--data '{ "username": "your username", "password": "S3cR3tP4ßW0rD", "client_id": "hash456789012345678901234567890123456789", "grant_type": "password" }'
One of:

The login credentials for the web API.

object
username
required

Your login username for the web app.

string
>= 1 characters
password
required

Your secret password.

string
>= 1 characters
client_id
required

The client_id, request on request

string
grant_type
Allowed values: password
Example
{
"username": "your username",
"password": "S3cR3tP4ßW0rD",
"client_id": "hash456789012345678901234567890123456789",
"grant_type": "password"
}

Success

Media typeapplication/json

A default OAuth2 with the Resource owner password credentials flow with some additional data.

object
access_token

The access token to authenticate all restricted routes.

string
expires_in

The seconds until the token expires.

integer
token_type

This API only supports bearer tokens currently.

string
scope

The scope is currently not in use.

string
nullable
refresh_token

The refresh token is currently not in use.

string
user_id

The unique identifier of the authenticated user.

integer
Example
{
"access_token": "e68f38c2dca2add6c5528e16d7a2b453371e5870",
"expires_in": 3600,
"token_type": "Bearer",
"scope": null,
"refresh_token": "2b57a8d37baf1ef3a436968da51149b2eddf7f0f",
"user_id": 1
}

Request body is missing or invalid or request data is invalid.

Invalid username and password combination or refresh token

User is not allowed to login

Media typeapplication/json

Contains information on why the user is not allowed to login

object
detail
  • LoginDeactivated - User is temporarily not allowed to login
  • Banned - User is banned
  • EmailUnconfirmed - User email is not confirmed yet
  • Inactive - User is not activated
  • OnlySSOLoginAllowed - User is sso user and only allowed to login with sso provider
string
Allowed values: LoginDeactivated Banned EmailUnconfirmed Inactive OnlySSOLoginAllowed
Example
{
"detail": "LoginDeactivated"
}

Internal Server Error.