Skip to main content

Authentication

All requests to our back-end services must include an access_token in the request header.

cURL request example

curl --location -g --request GET 'http://qapi.qpos.me/cubejs-api/v1/load?query={QUERY}' \
--header 'Authorization: Bearer {access_token}'

NodeJS Axios request example

var axios = require("axios");

var config = {
method: "get",
url: "http://qapi.qpos.me/cubejs-api/v1/load?query={QUERY}",
headers: {
Authorization: "Bearer {access_token}",
},
};

axios(config)
.then(function (response) {
console.log(JSON.stringify(response.data));
})
.catch(function (error) {
console.log(error);
});

Obtain an access token

Request url

https://capi.qpos.me/login

Data (all fields are required)

FieldDescription
emailEmail address
passwordSecret password

Request example

curl --request POST 'https://capi.qpos.me/login' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'email=user@mail.com' \
--data-urlencode 'password=secret_password'

Response example

{
"access_token": "eyJhbGciOiJSU...",
"refresh_token": "AFxQ4_pd...",
"expires_in": 3600
}

Exchange a refresh token for an access token

Request url

https://capi.qpos.me/refresh

When an access token has expired or is close to expiring, a request can be made to exchange to refresh token for new access token. If the refresh token is no longer valid or has been revoked, the user must log in again to obtain a new access token and refresh token.

Data (all fields are required)

FieldDescription
refresh_tokenRefresh token obtained when signing in

Refresh token example

curl --request POST 'https://capi.qpos.me/refresh' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'refresh_token=AFxQ4_r8BapvEWi81RJ...'

Response example

{
"access_token": "eyJhbGciOiJSU...",
"refresh_token": "AFxQ4_pd...",
"expires_in": 3600
}