Authentication

The API uses JWT (JSON Web Token) Bearer authentication. All protected endpoints require a valid token in the Authorization header.

Flow

1. Register a new account

   Call POST /api/v1/auth/register with your name, email, and password.

2. Log in to get a token

   Call POST /api/v1/auth/login with your credentials. You’ll receive an access_token.

3. Use the token in requests

   Add the token to every protected request:
   Authorization: Bearer <your_access_token>

Example

# 1. Register
curl -X POST http://localhost:3000/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{"name":"John","email":"john@example.com","password":"secret123"}'

# 2. Login
curl -X POST http://localhost:3000/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"john@example.com","password":"secret123"}'
# → { "access_token": "eyJ..." }

# 3. Authenticated request
curl http://localhost:3000/api/v1/projects \
  -H "Authorization: Bearer eyJ..."

Token Lifetime

Token lifetime is set by the JWT_EXPIRATION environment variable (default: 7d).
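
Checking how long a token from the login step remains valid, as an added example (not part of the original documentation or the project's code). It assumes the access_token is a standard three-part JWT whose payload carries numeric exp and iat claims (RFC 7519), which this page does not state; the function names and the sample token are constructed for illustration.

```shell
#!/bin/sh
# Added example: read exp/iat from an access_token. Decoding is not
# verification; only the server's signature check makes claims trustworthy.

# Decode one base64url segment (JWT segments omit '=' padding).
b64url_decode() {
  seg=$(printf '%s' "$1" | tr '_-' '/+')
  case $(( ${#seg} % 4 )) in
    2) seg="$seg==" ;;
    3) seg="$seg=" ;;
    1) return 1 ;;                      # impossible base64 length
  esac
  printf '%s' "$seg" | base64 -d        # GNU coreutils / BusyBox syntax
}

# Print numeric claim $2 from the payload of token $1 (flat JSON assumed).
jwt_numeric_claim() {
  case "$1" in *.*.*) ;; *) return 1 ;; esac   # header.payload.signature
  payload=$(printf '%s' "$1" | cut -d. -f2)
  json=$(b64url_decode "$payload") || return 1
  value=$(printf '%s' "$json" |
    sed -n "s/.*\"$2\"[[:space:]]*:[[:space:]]*\([0-9][0-9]*\).*/\1/p")
  [ -n "$value" ] || return 1
  printf '%s\n' "$value"
}

# Seconds left at epoch time $2; zero or negative means expired.
jwt_seconds_left() {
  exp=$(jwt_numeric_claim "$1" exp) || return 1
  echo $(( $exp - $2 ))
}

# Constructed sample token (placeholder signature); iat/exp are 7d apart
# to mirror the documented default. Real tokens come from /auth/login.
b64url_encode() { printf '%s' "$1" | base64 | tr -d '=\n' | tr '/+' '_-'; }
HDR=$(b64url_encode '{"alg":"HS256","typ":"JWT"}')
PAY=$(b64url_encode '{"sub":"42","iat":1700000000,"exp":1700604800}')
SAMPLE_TOKEN="$HDR.$PAY.constructed-signature"

iat=$(jwt_numeric_claim "$SAMPLE_TOKEN" iat)
echo "lifetime:  $(( $(jwt_numeric_claim "$SAMPLE_TOKEN" exp) - $iat ))s"
echo "remaining: $(jwt_seconds_left "$SAMPLE_TOKEN" "$(date +%s)")s"
```

For the constructed token the lifetime is 604800 seconds, which is 7 days; a token issued with a different JWT_EXPIRATION would show that value instead.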