Authentication

To authenticate through Intelligrow API v1 requests must send an Authentication header with an access token. Requests that require authentication will return 403 Forbidden. Invalid or unauthorized requests will return 401 Unauthorized.

API Tokens

Tokens are generated by the Autogrow authorization server and are issued when the client requests them. There are 2 types of tokens:

API Access Token: This token allows the client to access the Autogrow user and device data. This token is sent by the client as a header in the request to the resource server. It has a limited lifetime of one hour.

Refresh Token: This token is issued with the access token but unlike the latter, it is not sent in each request from the client to the resource server. It merely serves to be sent to the authorization server for renewing the API access token when it has expired.

Request Auth Token

`POST /auth/token`

Request Headers

Content-Type: application/json

Request Body

{
  "username": "string",
  "password": "string"
}

Example Request

curl -d '{"username": "<username>", "password": "<password>"}' https://api.autogrow.com/v1/auth/token

HTTP/1.1 200 OK

Response Object

{
  "api_access_token": "string",
  "expires_in": "string",
  "refresh_token": "string"
}

Failed login

Authenticating with invalid credentials will return 401 Unauthorized

Error Response

{
  "error_message": "string",
  "error_type": "string"
}

Response Codes

Code	Description
200	OK
400	Bad Request
401	Unauthorized
500	Internal Server Error

Refresh Auth Token

`POST /auth/token/refresh`

Request a new API token to authenticate access to the Intelligrow API