Authentication
Secure authentication endpoints for managing user sessions and API access
Authentication Overview
VPN Enterprise uses Bearer token authentication. All API requests must include a valid access token in the Authorization header.
Token Format
Bearer eyJhbGciOiJIUzI1NiIs...
Token Expiry
3600 seconds (1 hour)
Quick Start
1. Login
Authenticate with your credentials to get an access token.
POST /auth/login
2. Use Token
Include the token in the Authorization header for API requests.
Authorization: Bearer TOKEN
API Endpoints
POST /auth/login
Authenticate with email and password to receive an access token
Request Body
{
  "email": "user@company.com",
  "password": "secure_password"
}
POST /auth/refresh
Refresh an expired access token using a refresh token
Request Body
{
  "refresh_token": "rt_abc123def456..."
}
POST /auth/logout
Invalidate the current access token and refresh token
Request Body
{}
GET /auth/me
Get information about the currently authenticated user
Response
{
  "success": true,
  "user": {
    "id": "usr_123",
    "email": "user@company.com",
    "name": "John Doe",
    "role": "admin",
    "created_at": "2024-01-15T10:30:00Z",
    "last_login": "2024-12-02T14:20:00Z"
  }
}
Security Best Practices
Secure Token Storage
Store tokens securely in environment variables or secure storage solutions. Never expose tokens in client-side code.
Token Refresh
Implement automatic token refresh using refresh tokens to maintain session continuity without user intervention.
HTTPS Only
Always use HTTPS in production. Authentication endpoints will reject HTTP requests in production environments.
Example Implementation
// Run inside an ES module or an async function (the code uses await).
const response = await fetch('https://api.vpnenterprise.com/v1/auth/login', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    email: 'user@company.com',
    password: 'secure_password'
  })
});
const data = await response.json();
if (data.success) {
  // Keep the token in memory: localStorage is readable by any script
  // running on the page, which conflicts with the storage guidance above.
  const token = data.token;
  // Use token for subsequent requests
  const apiResponse = await fetch('https://api.vpnenterprise.com/v1/auth/me', {
    headers: {
      'Authorization': `Bearer ${token}`
    }
  });
}
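
The Secure Token Storage and Token Refresh practices above, combined into one client, as an added example that is not VPN Enterprise's own code. The response fields of /auth/refresh (token, refresh_token), the 401 status for an expired token, the 30-second refresh margin and the name createAuthClient are assumptions; the page documents none of them.

```javascript
// Added example, not VPN Enterprise code. Assumptions: login and refresh
// responses look like { success, token, refresh_token }; expired token => 401.
const API_BASE = 'https://api.vpnenterprise.com/v1';
const TOKEN_TTL_MS = 3600 * 1000; // token expiry stated on the page
const REFRESH_SKEW_MS = 30 * 1000; // hypothetical safety margin

function createAuthClient(fetchImpl, base = API_BASE, now = Date.now) {
  if (new URL(base).protocol !== 'https:') throw new Error('HTTPS required');
  // Tokens live only in this closure: never in localStorage, URLs or logs.
  let access = null, refresh = null, expiresAt = 0, inflight = null;
  const post = async (path, body) => {
    const res = await fetchImpl(base + path, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(body),
    });
    const data = await res.json();
    if (!res.ok || !data.success) throw new Error(`${path} failed`);
    return data;
  };
  const store = (data) => {
    access = data.token;
    refresh = data.refresh_token || refresh; // keep old one if not rotated
    expiresAt = now() + TOKEN_TTL_MS;
  };
  // Single-flight: concurrent callers share one /auth/refresh request.
  const renew = () => {
    if (!refresh) return Promise.reject(new Error('not logged in'));
    inflight = inflight || post('/auth/refresh', { refresh_token: refresh })
      .then(store)
      .finally(() => { inflight = null; });
    return inflight;
  };

  return {
    login: async (email, password) => store(await post('/auth/login', { email, password })),
    async request(path, init = {}) {
      if (now() >= expiresAt - REFRESH_SKEW_MS) await renew();
      const send = () => fetchImpl(base + path, {
        ...init,
        headers: { ...init.headers, Authorization: `Bearer ${access}` },
      });
      let res = await send();
      if (res.status === 401) { await renew(); res = await send(); } // retry once
      return res;
    },
  };
}
```

Pass the platform fetch as fetchImpl in real use; the parameter exists so the client can be exercised against a stub without network access.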