Login

General Description

The login endpoint is used for authenticating users within the API.
It receives a username and password in the request body, and if the authentication is valid, it returns an access token (JWT) along with a refresh token.
These tokens must be used to authorize requests to protected API resources.

⚠️ All requests to this endpoint must include the api-version=2.0 parameter in the URL.
URL: POST https://api.trackgps.ro/api/authentication/login?api-version=2.0

Request Parameters

Requests to this endpoint must be of type POST and include:

• Query parameter:

  • api-version: the API version. Recommended value: 2.0.

• The payload must be sent in the request body as form data with the following structure:

{
  "username": "user@example.com",
  "password": "SecretPassword123"
}

Property Descriptions

• username: The username or email address used for authentication.
• password: The password associated with the account.

Response Structure

A successful response (HTTP 200) will have the following format:

{
    "access_token": "eyJhbGciOavJZdtmkv3s9OW4ljE2V225_uTkntrDo-SDYwFGgYLbpQ",
    "expires_in": 28800,
    "token_type": "Bearer",
    "refresh_token": "8E65181908146821C79E26259683DF6F-1",
    "scope": "CarPoolingAPI IdentityServerApi offline_access openid profile TrackGPSV4Api"
}

Property Descriptions

• access_token: The JWT token used to authorize subsequent API requests.
• expires_in: The token’s validity duration (in seconds).
• token_type: The type of token, generally “Bearer”.
• refresh_token: Token that can be used to refresh the session without re-authentication.
• scope: List of permissions associated with the token.

Error Responses

• 400 Bad Request – Missing parameters or incorrect request structure.
• 401 Unauthorized – Invalid credentials or inactive user.
• 429 Too Many Requests – Rate limit exceeded for the current user.