Acme API - Authentication

API Authentication Guide Overview: The Acme API uses Bearer token authentication for all endpoints. Tokens are obtained via the OAuth 2.0 client credentials flow.

Endpoint: POST /api/v1/auth/token

Description: Obtain an access token using client credentials.
Parameters:
  - client_id (string, required): Your application client ID
  - client_secret (string, required): Your application client secret
  - grant_type (string, required): Must be "client_credentials"
Response:
  - access_token (string): The bearer token to use in subsequent requests
  - token_type (string): Always "Bearer"
  - expires_in (integer): Token lifetime in seconds, default 3600

Endpoint: POST /api/v1/auth/refresh

Description: Refresh an expired access token.
Parameters:
  - refresh_token (string, required): The refresh token from initial auth
Response:
  - access_token (string): New bearer token
  - expires_in (integer): New token lifetime in seconds

Endpoint: DELETE /api/v1/auth/revoke

Description: Revoke an active access token.
Parameters:
  - token (string, required): The token to revoke
Response:
  - status (string): "revoked"

API Docs

Acme API - Authentication

Endpoint: POST /api/v1/auth/token

Endpoint: POST /api/v1/auth/refresh

Endpoint: DELETE /api/v1/auth/revoke