Login to BioT


Log in to the User Management Service (UMS) requires pre-signup with username and password.

To login to the UMS, Login With Credentials Request:

  • Request: POST
  • URL: https://<your api endpoint>/ums/v2/users/login
  • Body:
    "username": "username",
    "password": "password"

For a successful login, the response holds a token that enables user access to BioT APIs:

  • Token is : response.accessJwt.token

For the rest of the API calls made from the gateway, use this token as part of the HTTP header authorization section:

Authorization: Bearer <token>

Save the refresh token sent to you from the login API call found at:

  • Refresh Token: response.refreshJwt.token

Token Maintenance

The access token received from the login API call is short-lived. To maintain an active session, refresh the token by using the refresh token, received from the login API call.

The refresh token is a convenience token with a longer expiration time than the access token. It prevents the user having to re-login with their username and password credentials.

Track the expiration time of the access token:

  • Access token expiration: response.accessJwt.expiration

Before making an API call, check if the access token is nearing expiration (e.g., within 5 seconds). If so, refresh the token before making the API call.

Refresh Access Token:

  • Request: POST
  • URL: https://<your api endpoint>/ums/v2/users/token/refresh
  • Body:
  "refreshToken": "string"

For a successful call, a new access token and refresh token will be returned the same way as the regular login call:

  • Access token is : response.accessJwt.token
  • Refresh Token: response.refreshJwt.token

Check the expiration time of the refresh token. If this token has also expired, then a new login API call with a username and password is needed.