> ## Documentation Index
> Fetch the complete documentation index at: https://api-docs.tarla.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Authentication guarantees privacy of API Services by authenticating users. Authentication requires users to log in before accessing iklim.co API Services. This guide covers setup for each available handshake method.

<Danger>
  All authorized endpoints require `Authorization: Bearer <ACCESS_TOKEN>` header in request!<br /> Otherwise API client will receive an error message with status `401 - Unauthorized`
</Danger>

Example Header:

```ini theme={null}
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtdXJhdG96ZGVtaXJAdGFybGEuaW8iLCJ1c2VySWQiOiJjOGI1OTQwZS01M2QyLTQwZGYtYTg4Yi0xMTBjODYxNTVjZmEiLCJyb2xlcyI6WyJBUElfVVNFUiIsIkFETUlOIl0sImxvY2FsZSI6InRyX1RSIiwidGltZVpvbmUiOiJFdXJvcGUvSXN0YW5idWwiLCJpYXQiOjE3NTMyMTA2MzQsImV4cCI6MTc1MzIxNDIzNH0.hfF1bjcNDhVthtpaZ_HkysA-zJH3VN1a6Sr59aRZbk0
```

# 1. Login Operation

> Login Operations are Made With Username And Password<br />
> API Endpoint: `/v1/auth/login`

Example Request Payload:

```json theme={null}
{
  "username": "name@domain.com",
  "password": "password"
}
```

Example Success Response:

```json theme={null}
{
    "username": "name@domain.com",
    "type": "Bearer",
    "accessToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtdXJhdG96ZGVtaXJAdGFybGEuaW8iLCJ1c2VySWQiOiJjOGI1OTQwZS01M2QyLTQwZGYtYTg4Yi0xMTBjODYxNTVjZmEiLCJyb2xlcyI6WyJBUElfVVNFUiIsIkFETUlOIl0sImxvY2FsZSI6InRyX1RSIiwidGltZVpvbmUiOiJFdXJvcGUvSXN0YW5idWwiLCJpYXQiOjE3NTMyMDc1OTAsImV4cCI6MTc1MzIxMTE5MH0.fTCunl7i7yQ8nAuughBpvpRfdH8VFK8uhZWeTrDOPAc",
    "refreshToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtdXJhdG96ZGVtaXJAdGFybGEuaW8iLCJ1c2VySWQiOiJjOGI1OTQwZS01M2QyLTQwZGYtYTg4Yi0xMTBjODYxNTVjZmEiLCJsb2NhbGUiOiJ0cl9UUiIsInRpbWVab25lIjoiRXVyb3BlL0lzdGFuYnVsIiwiaWF0IjoxNzUzMjA3NTkwLCJleHAiOjE3NTMyOTM5OTB9.ozFiZzNPSUtzwvu3wuocA8q8t6MlqbyT6On2i0vSENQ"
}
```

<Tip>
  Access Tokens are valid for only 1 hour. Refresh tokens are valid for 1 day!
</Tip>

Possible Error Responses:

```json theme={null}
{
  "timestamp": "2025-04-14T16:58:22.22308754",
  "status": 401,
  "error": "Unauthorized",
  "message": "Bad credentials",
  "path": "/auth/login"
}
```

```json theme={null}
{
"timestamp": "2025-04-21T16:35:54.095818",
"status": 401,
"error": "Unauthorized",
"message": "User is disabled",
"path": "/auth/login"
}
```

# 2. Authentication Token Refresh Operation

> When the Authentication Token expires, it is renewed using the refresh token<br />
> API Endpoint: `/v1/auth/refresh`

Example Request Payload:

```json theme={null}
{
  "refreshToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtdXJhdG96ZGVtaXJAdGFybGEuaW8iLCJ1c2VySWQiOiJjOGI1OTQwZS01M2QyLTQwZGYtYTg4Yi0xMTBjODYxNTVjZmEiLCJsb2NhbGUiOiJ0cl9UUiIsInRpbWVab25lIjoiRXVyb3BlL0lzdGFuYnVsIiwiaWF0IjoxNzUzMjA3NTkwLCJleHAiOjE3NTMyOTM5OTB9.ozFiZzNPSUtzwvu3wuocA8q8t6MlqbyT6On2i0vSENQ"
}
```

Responses are similar to `Login Operation`

<Warning>
  If you receive `401 - Unauthorized` response to your API requests, refresh your access token.<br />
  If you still receive `401 - Unauthorized` response to your Refresh Token requests, please Login before you proceed!
</Warning>
