Authentication

Create a member - Sign-up

The "Sign Up" endpoint facilitates the registration process for new users, allowing them to create an account within the system. This endpoint collects user-provided information such as username, email, and password, then validates and stores this data to enable access to the platform's features and services.

The member are special entities under the group arke_auth_member, to create a member you have to provide all parameters required and additional special arke_system_user object.

Headers

Key	Value
arke-project-key	<YOUR_PROJECT_ID>
content-type	application/json

Body

Key	Value
username	<YOUR_USERNAME>
password	<YOUR_PASSWORD>
arke_system_user	{ password, username, email }
other_parameters	Other member parameters

HTTP Response status

Status code	Description
200	OK
401	Unauthorized
403	Forbidden
500	Internal server error

Code samples for "Create a member"

POST

/api/lib/auth/{member_arke_id}/signup

curl --location 'https://arkehub.com/api/lib/auth/{member_arke_id}/signup' \
-H "Arke-Project-Key: <YOUR_PROJECT_ID>" \
-H 'Content-Type: application/json' \
--data-raw '{
    "username": "user@arkehub.com",
    "password": "my_secret_password_123!",
    "arke_system_user":{
        "username":"user_username",
        "password":"my_secret_password_123!",
        "email":"user@arkehub.com"
    }
}'

Response with created and autenticated member information

{
    "content": {
    "access_token": "eyJhbGciOiJIUzUxMiIsInR6IkpXVCJ9...",
    "arke_id": "super_admin",
    // ID of user stored on Arke System
    "arke_system_user": "c2e3b048-1a6a-11ee-908c-1a84faf9f6ef",
    "auth_token": null,
    "email": "user@arkehub.com",
    "first_access_time": "2024-04-02T20:05:30.919280Z",
    "first_name": "Admin",
    "id": "824135a6-52e6-11ee-9387-96e316d04b51",
    "inserted_at": "2023-09-14T10:07:27.000000Z",
    "last_access_time": "2024-04-03T16:20:12.452059Z",
    "last_name": "Super",
    "metadata": {},
    "refresh_token": "eyJhbGciOiJIUzUxMiIsInR5IkpXVCJ9...",
    ...additional member parameters
},
    "messages": []
}

Authenticate a member - Sign-in Credentials

The "Authenticate a member" endpoint enables users to securely authenticate and access their accounts within the system. Users provide their credentials, a combination of a username/email and password, to validate their identity and gain access to the platform's features and resources.

Headers

Key	Value
arke-project-key	<YOUR_PROJECT_ID>
content-type	application/json

Body

Key	Value
username	<YOUR_USERNAME>
password	<YOUR_PASSWORD>

Upon successful authentication, the response contains an access token which should be included in subsequent requests for authorized access to protected resources. It's recommended to use HTTPS to ensure secure transmission of credentials. Always validate user input and sanitize data to prevent injection attacks.

HTTP Response status

Status code	Description
200	OK
401	Unauthorized
403	Forbidden
500	Internal server error

Code samples for "Authenticate a member"

POST

/api/lib/auth/signin

curl --location 'https://arkehub.com/api/lib/auth/signin' \
-H "Arke-Project-Key: <YOUR_PROJECT_ID>" \
-H 'Content-Type: application/json' \
--data-raw '{
    "username": "user@arkehub.com",
    "password": "my_secret_password_123!",
}'

Response with member information

{
    "content": {
        "access_token": "eyJhbGciOiJIUzUxMiIsInR6IkpXVCJ9...",
        "arke_id": "super_admin",
        // ID of user stored on Arke System
        "arke_system_user": "c2e3b048-1a6a-11ee-908c-1a84faf9f6ef",
        "auth_token": null,
        "email": "user@arkehub.com",
        "first_access_time": "2024-04-02T20:05:30.919280Z",
        "first_name": "Admin",
        "id": "824135a6-52e6-11ee-9387-96e316d04b51",
        "inserted_at": "2023-09-14T10:07:27.000000Z",
        "last_access_time": "2024-04-03T16:20:12.452059Z",
        "last_name": "Super",
        "metadata": {},
        "refresh_token": "eyJhbGciOiJIUzUxMiIsInR5IkpXVCJ9...",
        ...additional member parameters
    },
    "messages": []
}

Authenticate a member - One-Time-Password (OTP)

If OTP methods it enabled on your backend, the signin credentials needs an additional otp key to authenticate the member.

To authenticate your account with OTP method, you have to call the sign in API two times.

On the first time you can provide the standard username/password combination with the otp key set to null. If user exist, this request send an email to your account containing a alphanumeric/numeric code that you have to use in seconds request.

Repeat the sign in API call setting the otp key with the code received by email. If it is correct the user will be authenticated and you'll receive the member session on the response

Headers

Key	Value
arke-project-key	<YOUR_PROJECT_ID>
content-type	application/json

Body

Key	Value
username	<YOUR_USERNAME>
password	<YOUR_PASSWORD>
otp	null / <OTP_CODE>

HTTP Response status

Status code	Description
200	OK
401	Unauthorized
403	Forbidden
500	Internal server error

Code samples for "Authenticate a member OTP"

POST

/api/lib/auth/signin

curl --location 'https://arkehub.com/api/lib/auth/signin' \
-H "Arke-Project-Key: <YOUR_PROJECT_ID>" \
-H 'Content-Type: application/json' \
--data-raw '{
    "username": "user@arkehub.com",
    "password": "my_secret_password_123!",
    "otp": null,
}'

curl --location 'https://arkehub.com/api/lib/auth/signin' \
-H "Arke-Project-Key: <YOUR_PROJECT_ID>" \
--header 'Content-Type: application/json' \
--data-raw '{
    "username": "user@arkehub.com",
    "password": "my_secret_password_123!",
    "otp": '12345',
}'

Response with member information

{
    "content": {
    "access_token": "eyJhbGciOiJIUzUxMiIsInR6IkpXVCJ9...",
    "arke_id": "super_admin",
    // ID of user stored on Arke System
    "arke_system_user": "c2e3b048-1a6a-11ee-908c-1a84faf9f6ef",
    "auth_token": null,
    "email": "user@arkehub.com",
    "first_access_time": "2024-04-02T20:05:30.919280Z",
    "first_name": "Admin",
    "id": "824135a6-52e6-11ee-9387-96e316d04b51",
    "inserted_at": "2023-09-14T10:07:27.000000Z",
    "last_access_time": "2024-04-03T16:20:12.452059Z",
    "last_name": "Super",
    "metadata": {},
    "refresh_token": "eyJhbGciOiJIUzUxMiIsInR5IkpXVCJ9...",
    ...additional member parameters
},
    "messages": []
}

Verify access token

The "Verify Token" API endpoint allows clients to verify the authenticity and validity of an access token issued by the system. Access tokens are commonly used for authentication and authorization purposes, and this endpoint provides a means to ensure that the token is valid and has not been tampered with.

Headers

Key	Value
arke-project-key	<YOUR_PROJECT_ID>
Authorization	Bearer <ACCESS_TOKEN>
content-type	application/json

HTTP Response status

Status code	Description
200	OK
401	Unauthorized
403	Forbidden
500	Internal server error

Code samples for "Verify token"

POST

/api/lib/auth/verify

curl --location 'https://arkehub.com/api/lib/auth/verify' \
-H "Arke-Project-Key: <YOUR_PROJECT_ID>" \
-H "Authorization: "Bearer <ACCESS_TOKEN>" \
-H 'Content-Type: application/json' \

Response

{
    "content": null,
    "messages": []
}

Refresh access token

The "Refresh Access Token" endpoint provides a mechanism for clients to obtain a new access token without requiring the user to re-enter their credentials. This endpoint is typically used to extend the validity of an existing access token, thereby maintaining the user's authenticated session without the need for frequent re-authentication.

Headers

Key	Value
arke-project-key	<YOUR_PROJECT_ID>
Authorization	Bearer <ACCESS_TOKEN>
content-type	application/json

HTTP Response status

Status code	Description
200	OK
401	Unauthorized
500	Internal server error

Code samples for "Verify token"

POST

/api/lib/auth/refresh

curl --location 'https://arkehub.com/api/lib/auth/refresh' \
-H "Arke-Project-Key: <YOUR_PROJECT_ID>" \
-H "Authorization: "Bearer <ACCESS_TOKEN>" \
-H 'Content-Type: application/json' \

Response

{
    "content": null,
    "messages": []
}

Recover & Reset password

The "Recover & Reset password" endpoint facilitates the recover password process for users, allowing them to reset their password. The recovery process occurs in two steps.

On first step we have to call the recover password endpoint, this needs the user authentication's email to send an email containing a Token.

On second step we have to call the reset password endpoint, this needs the new user password and token received by email.

Headers

Key	Value
arke-project-key	<YOUR_PROJECT_ID>

Recover password request Body

Key	Value
email	<YOUR_EMAIL>

Reset password request Body

Key	Value
new_password	<YOUR_SECRET_PASSWORD>

HTTP Response status

Status code	Description
200	OK
401	Unauthorized
403	Forbidden
500	Internal server error

Code samples for "Recover password"

POST

/api/lib/auth/recover_password

curl --location 'https://arkehub.com/api/lib/auth/recover_password' \
-H "Arke-Project-Key: <YOUR_PROJECT_ID>" \
-H 'Content-Type: application/json' \
--data-raw '{
    "email":"user@arkehub.com"
}'

Code samples for "Reset password"

POST

/api/lib/auth/reset_password/{token}

curl --location 'https://arkehub.com/api/lib/auth/reset_password/{token}' \
-H "Arke-Project-Key: <YOUR_PROJECT_ID>" \
-H 'Content-Type: application/json' \
--data-raw '{
    "new_password": "YOUR_SECRET_PASSWORD"
}'

About the REST Api Arke