Authentication

All API endpoints require proper authentication. Follow the steps below to authenticate.

Authentication Flow

1. Get API Token: Contact us for your API access token.
2. Authenticate User: POST to /auth with credentials.
3. Use Access Token: Include in Authorization header.

Token Types

1. API Access Token (Required for ALL endpoints)

Purpose: General API access control
Format: UUID (36 characters)
Usage: Required for all endpoints including authentication
Example: ?api_token=123e4567-e89b-12d3-a456-426614174000

2. Access Token (Required for user-specific endpoints)

Purpose: User authentication and authorization
Format: JWT (JSON Web Token)
Expiration: Configurable (usually 1 hour)
Usage: Include in Authorization header as Bearer token

How to get access token:
POST /api/refresh?api_token=your_api_token
Content-Type: application/json

{
    "refresh_token": "your_refresh_token_here"
}

Header Format

For endpoints requiring user authentication:
Authorization: Bearer your_access_token_here
The API token is always passed in the URL:
https://api.creditrisk.co.za/api/endpoint?api_token=your_api_token
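
The request shapes described above, as an added client-side sketch (not code from this API's provider): it builds the refresh and user-specific requests without sending them, checks the API token format, and masks api_token before a URL is logged, since query strings are commonly recorded in access logs. The helper names, the 30-second skew and the presence of an exp claim in the JWT are assumptions.

```python
import base64, json, time, uuid
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit
from urllib.request import Request

BASE = "https://api.creditrisk.co.za/api"  # base URL shown on the page

def check_api_token(token):
    """Accept only a canonical 36-character UUID, the format the page states."""
    if len(token) != 36 or str(uuid.UUID(token)) != token.lower():
        raise ValueError("api_token must be a 36-character UUID")
    return token

def with_api_token(path, api_token):
    # The API token always travels in the query string.
    return f"{BASE}/{path}?" + urlencode({"api_token": check_api_token(api_token)})

def refresh_request(api_token, refresh_token):
    """POST /api/refresh with the refresh token as a JSON body."""
    body = json.dumps({"refresh_token": refresh_token}).encode()
    return Request(with_api_token("refresh", api_token), data=body, method="POST",
                   headers={"Content-Type": "application/json"})

def user_request(path, api_token, access_token):
    """User-specific call: API token in the URL, JWT as a Bearer header."""
    return Request(with_api_token(path, api_token),
                   headers={"Authorization": f"Bearer {access_token}"})

def jwt_expired(token, now=None, skew=30):
    """Read the unverified exp claim (assumed present) to schedule a refresh; not signature validation."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64url padding
    exp = json.loads(base64.urlsafe_b64decode(payload))["exp"]
    return exp - skew <= (time.time() if now is None else now)

def redact(url):
    """Mask api_token before a URL is written to logs or error reports."""
    parts = urlsplit(url)
    query = [(k, "REDACTED" if k == "api_token" else v) for k, v in parse_qsl(parts.query)]
    return urlunsplit(parts._replace(query=urlencode(query)))

def sample_jwt(exp):
    """Constructed token with a placeholder signature, for the demo only."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc({'exp': exp})}.placeholder"

if __name__ == "__main__":
    api_token = "123e4567-e89b-12d3-a456-426614174000"  # example value from the page
    req = user_request("endpoint", api_token, sample_jwt(int(time.time()) + 3600))
    print(req.get_method(), redact(req.full_url))
```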