Overview
Flabs authentication APIs allow you to securely authenticate clients and manage tokens for API access.Generate Token
Get auth tokens using client credentials
Refresh Token
Refresh your auth token when it expires
Authentication Flow
Our authentication system uses a two-token approach with a streamlined flow designed for security and efficiency:
Flow Breakdown
- Initial Authentication: Use your Client ID and Client Secret to generate both an access token and refresh token
- Token Storage: Store the refresh token securely in cache for future use
- API Access: Use the access token (valid for 10 minutes) for all API requests
- Token Refresh: When the access token expires, use the refresh token to generate a new access token without re-authentication
- Refresh Token Longevity: The refresh token remains valid for 30 days of inactivity, eliminating the need for frequent re-authentication
Key Benefits
- Access Token: Valid for 10 minutes, used for API requests
- Refresh Token: Expires after 30 days of inactivity; used to obtain new authentication tokens
- Seamless Experience: No need to repeatedly provide credentials once authenticated
All authentication tokens should be included in the Authorization header using
the Bearer scheme.
Getting Started
To integrate with our authentication system:- Obtain client credentials (Client ID and Client Secret)
- Generate an initial auth token using the token endpoint
- Store both tokens securely
- When the auth token expires, use the refresh endpoint to get the auth token again with logging again.