User Token

The user token is available on the AUTH APIs. You can find the set of REST collections on API Docs -> Postman -> AUTH. It's possible to receive the bearer Token when the Sign in/Signup endpoints are called. That way you will have access to both of them, the User Token and the Refresh Token throughout the API response.

Signup User Token Response

The default response when the user sign up in your application:

{
  "data": {
    "uid": "gdHPpGvwkZYZcU5B7U7oYkqa7Ic2",
    "email": "user@example.com",
    "emailVerified": false,
    "disabled": false,
    "idToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjdjZjdmODcyNzA5MWU0Yzc3YWE5OTVkYjYwNzQzYjdkZDJiYjcwYjUiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vZGVza3JlZS04NjAwMjZmNS01NGVjLTQ3M2UtYiIsImF1ZCI6ImRlc2tyZWUtODYwMDI2ZjUtNTRlYy00NzNlLWIiLCJhdXRoX3RpbWUiOjE3MDU0MDYxNzQsInVzZXJfaWQiOiJnZEhQcEd2d2taWVpjVTVCN1U3b1lrcWE3SWMyIiwic3ViIjoiZ2RIUHBHdndrWllaY1U1QjdVN29Za3FhN0ljMiIsImlhdCI6MTcwNTQwNjE3NCwiZXhwIjoxNzA1NDA5Nzc0LCJlbWFpbCI6IndlbDBjcEBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsid2VsMGNwQGdtYWlsLmNvbSJdfSwic2lnbl9pbl9wcm92aWRlciI6InBhc3N3b3JkIn19.fTIOFJNovcEZ3wDsgSzNdaRazNI-nhm16zZkVU6-zn8b3cvYro2ybNNQpR5NfzCDkJf5L42TS2q0WRki3nvsQfa8Q9_A3IorryhKrI80eQS3Pp-d4NVEa8uQglJkhDND9homAf8Aa8zS8aJcJ2DTyAgZ9L2yq0-QvCFBpAcT4RJ3YNa6S_C8qjOQevkg_O7G5PzhM9Psg43Owo4mRgaT7Lo4EKHNaqR8e4mAK79IQRxg6bPwy2zbQu0zu_ck7W2U-mc50OtzzuEEDYaoLriPwjZxKnT0ilIbbTZTD2bq3MWxeDHDnWcXCso5QCW6iq7C5-u9_zdr6BPSw-ROXx3lOQ",
    "refreshToken": "AMf-vBzO7hJhY91n3tifXKifRfRgyZiDFyUJdO92F2a6v_xxx7REyzogIsOPzDLu97O88YYVi67jsZF9SUVZ9xadPhgo3KfeORa64u9e0iUXvXtxoCCyl_JWnxoWvLkJRtKAGXGQdLcNx5ztxKzOFSr2MfajifGYp_QS0Y8gH3xk9Wvzfpc1jrD0qUFsE5orswtnb4Pyg2OgHxALUbAyQVZ16TEnJTSBos8FF9TCoSR_nM071IpGxLs",
    "expiresIn": "3600"
  }
}

Refresh Token

The Refresh Token plays a vital part on the Authentication, it's through it that you will be able to call the "Exchange refreshToken for idToken" endpoint. That way, on the response, you will receive a new User Token and also a new Refresh Token.

Ensure to safely store the user tokens on your application.

Swagger

On the platform at API Docs -> Swagger -> Authentication there is all the available endpoints. It's possible to make the necessary calls to test any of the auth endpoints and see the authorization tokens. Remember that any of the calls, are actually being made. So if you sign up a user, it will appear on your Database -> users table.

Those calls will count towards your API limits. Use it with moderation.

Last updated