Authentication
The Umbra ERP API uses Bearer JWT tokens for authentication. Obtain tokens by logging in with your credentials, then include the access token in every API request.
POST/v1/auth/login
JWT authentication
Authenticate a user and receive access and refresh tokens.
Required headers
- Name
Content-Type- Type
- string
- Description
Must be
application/json.
Required attributes
- Name
email- Type
- string
- Description
User's email address (or use
usernameinstead).
- Name
password- Type
- string
- Description
User's password.
Request
POST
/v1/auth/logincurl -X POST https://api.umbraerp.com/v1/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "your_password"
}'
Response
{
"result": "success",
"message": "You have successfully logged in!",
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
POST/v1/auth/refresh
Token refresh
Use your refresh token to obtain a new access token when it expires.
Required attributes
- Name
refreshToken- Type
- string
- Description
The refresh token received during login.
Request
POST
/v1/auth/refreshcurl -X POST https://api.umbraerp.com/v1/auth/refresh \
-H "Content-Type: application/json" \
-d '{
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}'
Response
{
"result": "success",
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Environments
Umbra ERP provides two environments for different stages of your integration:
| Environment | Base URL |
|---|---|
| Production | https://api.umbraerp.com |
| Staging | https://staging-api.umbraerp.com |
Using the access token
Include the JWT access token in the Authorization header of every request:
Authorization: Bearer <your_access_token>
Access tokens expire after a set period. Use the refresh token endpoint to obtain a new access token without re-authenticating.