Authentication
Every endpoint except authenticate itself requires a JWT bearer token. You obtain one by posting a username and
password to the authenticate endpoint, then send it as an Authorization: Bearer <token> header on subsequent requests.
Log In
- HTTP Method:
POST - Endpoint:
/api/v1/authenticate - Authorization: None (anonymous)
- Minimum Permission: None — any valid user account
Request Body
{
"username": "your_username",
"password": "your_password"
}
Response
{
"username": "your_username",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6..."
}
The token value is your JWT. Store it and send it on every other request:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Code Examples
- Curl
- PowerShell
- C#
# Define variables
API_URL="https://customername.econnectcloud.com/identities"
USERNAME="your_username"
PASSWORD="your_password"
# Authenticate and capture the JWT from the "token" field
TOKEN=$(curl -sk -X POST "$API_URL/api/v1/authenticate" \
-H "Content-Type: application/json" \
-d "{\"username\": \"$USERNAME\", \"password\": \"$PASSWORD\"}" | jq -r '.token')
echo "$TOKEN"
# Use $TOKEN as: -H "Authorization: Bearer $TOKEN" on subsequent requests
# Define variables
$API_URL = "https://customername.econnectcloud.com/identities"
$USERNAME = "your_username"
$PASSWORD = "your_password"
$body = @{
username = $USERNAME
password = $PASSWORD
} | ConvertTo-Json
$response = Invoke-RestMethod -Uri "$API_URL/api/v1/authenticate" `
-Method Post -Body $body -ContentType "application/json"
$token = $response.token
# Now $token can be used as: @{ Authorization = "Bearer $token" }
$token
using eConnect.IdentitiesDbSdk;
// NuGet: eConnect.IdentitiesDbSdk
// This is a PRIVATE package - request access from eConnect support (support@econnect.tv).
// Create an HTTP client
var httpClient = new HttpClient();
// GetSdk logs in (POST /api/v1/authenticate), stores the JWT, and renews it
// automatically before each call - so you normally never touch the token yourself.
var sdk = await IdentityDbSdk.GetSdk(
"https://customername.econnectcloud.com/identities",
httpClient,
"your_username",
"your_password");
// Need the raw JWT (for example, to call the REST API by hand)?
string jwt = await sdk.GetValidAccessToken(CancellationToken.None);
Console.WriteLine(jwt);
Replace the placeholders (your-api-url, your_username, your_password) with your actual API details.
Renew the Token
JWTs expire. Before expiry, exchange your current (still-valid) token for a fresh one — no need to send the password again.
- HTTP Method:
GET - Endpoint:
/api/v1/renewToken - Authorization:
Bearer <current JWT> - Minimum Permission: None — any authenticated user
Response
{
"username": "your_username",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...new..."
}
When you use the eConnect.IdentitiesDbSdk package, IdentityDbSdk.GetSdk(...) logs in automatically and renews the
token in the background before each call — you normally never handle the JWT yourself. Use
sdk.GetValidAccessToken(ct) if you need the raw token.
Response Codes
| Code | Meaning |
|---|---|
200 OK | Authentication succeeded; the JWT is in the token field. |
400 Bad Request | Username or password is incorrect. |
401 Unauthorized | Missing or invalid JWT (on renewToken and all protected endpoints). |
Next Steps
- Publish With Response — use your token to publish a face.
- Technical Architecture — see the full auth + publish flow.