# Xpansiv Data API Authentication & Token Management

## 1. Log In

Retrieve a JWT access token and a refresh token using Basic Authentication.
The access token is used for API requests, and the refresh token can generate a new access token when it expires.

### HTTP Request

`GET https://api.data.xpansiv.com/auth/login`

### Example


```shell
curl -u 'username:password' https://api.data.xpansiv.com/auth/login
```

### Response


```json
{
  "token": "your access token",
  "refreshToken": "your refresh token"
}
```

## 2. Log Out

Invalidate the refresh token to log out the user.

### HTTP Request

`POST https://api.data.xpansiv.com/auth/logout`

### Example


```shell
curl -X POST https://api.data.xpansiv.com/auth/logout -H "Authorization: Bearer yourAccessToken" -d '{"refreshToken":"your refresh token"}'
```

## 3. Refresh Access Token

Use the refresh token to obtain a new access token.

### HTTP Request

`POST https://api.data.xpansiv.com/auth/refresh`

### Example


```shell
curl -X POST https://api.data.xpansiv.com/auth/refresh -d '{"refreshToken":"your refresh token"}'
```

### Response


```json
{
  "token": "your access token",
  "refreshToken": "your refresh token"
}
```

## 4. Change Password

Update the user password.

### HTTP Request

`POST https://api.data.xpansiv.com/auth/changePassword`

### Example


```shell
curl -X POST https://api.data.xpansiv.com/auth/changePassword -d '{"password":"new user password"}'
```

## 5. SSO (Auth0) Tokens

To use the API via SSO, obtain an Auth0 access token by calling the Auth0 token endpoint.

### HTTP Request

`POST https://auth.xpansiv.com/oauth/token`

### Example


```shell
curl -X POST https://auth.xpansiv.com/oauth/token -d '{"username":"your username","password":"your Auth0 password","grant_type":"http://auth0.com/oauth/grant-type/password-realm","realm":"Username-Password-Authentication","scope":"SCOPE","audience":"https://xpansiv/platform","client_id":"your client ID","client_secret":"your client secret"}'
```