POST /api/auth/token
Authenticate user

Validates user’s email and password and returns auth token.

Use this token either by adding it to “Authorization” request header (preferred method) or to “token” request param.

Note: “Authorization” header value format is the following: “Bearer token”, request param value is just the token.

Examples

Login failed output example:

401 Unauthorized
{
  "error": "Invalid email or password."
}

Login succeeded output example:

200 OK
{
  "token": "rH8xoroj1-yCQM4uuRGT",
  "user_id": 2,
  "receipts_email": "76578310-63ee-4183-bf1b-57f16b507905@bezala.com"
}
    

Params

Param name Description
email
required

User’s email

Validations:

  • Must be a String

password
required

User’s password

Validations:

  • Must be a String


POST /api/auth/google/token
Authenticate user via Google access token

Validates Google access token and checks whether the claimed identity (email) corresponds to that of the token.

If valdation pass, returns token generated by Bezala (similar to /auth/token API method).

Use this token either by adding it to “Authorization” request header (preferred method) or to “token” request param.

Note: “Authorization” header value format is the following: “Bearer token”, request param value is just the token.

Params

Param name Description
email
required

User’s email (claimed identity)

Validations:

  • Must be a String

google_access_token
required

Access token received via Google’s OAuth2

Validations:

  • Must be a String


POST /api/auth/microsoft/token
Authenticate user via Microsoft access token

Validates Microsoft access token and checks whether the claimed identity (email) corresponds to that of the token.

If valdation pass, returns token generated by Bezala (similar to /auth/token API method).

Use this token either by adding it to “Authorization” request header (preferred method) or to “token” request param.

Note: “Authorization” header value format is the following: “Bearer token”, request param value is just the token.

Params

Param name Description
email
required

User’s email (claimed identity)

Validations:

  • Must be a String

microsoft_access_token
required

Access token received via Microsoft’s OAuth2

Validations:

  • Must be a String


POST /api/auth/okta/token
Authenticate user via Okta access token

Validates Okta access token and checks whether the claimed identity (email) corresponds to that of the token.

If valdation pass, returns token generated by Bezala (similar to /auth/token API method).

Use this token either by adding it to “Authorization” request header (preferred method) or to “token” request param.

Note: “Authorization” header value format is the following: “Bearer token”, request param value is just the token.

Params

Param name Description
email
required

User’s email (claimed identity)

Validations:

  • Must be a String

company_name
required

Company name

Validations:

  • Must be a String

okta_access_token
required

Access token received via Okta’s OAuth2

Validations:

  • Must be a String

okta_url
required

Company specific okta issuer url (okta_url) from Company settings

Validations:

  • Must be a String