| Code (e.g. en-us) | Label | Flag Icon | |
|---|---|---|---|
Protect your API from abuse by limiting the number of requests per IP address.
Configure the expiration duration for access and refresh tokens.
Note: To apply changes made in application.php,
you must restart or reset RoadRunner:
./rr reset
* Read-only.
|
|
|
Actions | ||
|---|---|---|---|---|
|
|
|
|||
| No data found |
Exchange email and password for a JWT Access Token and Refresh Token.
{
"email": "user@example.com",
"password": "yourpassword"
}curl -X POST "/api/v1/auth/login" \
-H "Content-Type: application/json" \
-d '{"email":"admin@spicyflow.com", "password":"admin123"}'Obtain a new Access Token using a valid Refresh Token.
{
"refresh_token": "your_refresh_token_here"
}curl -X POST "/api/v1/auth/refresh" \
-H "Content-Type: application/json" \
-d '{"refresh_token":"..."}'Partners can connect to the API using a Private Key and Partner ID. Authentication is performed by signing a JWT payload using RS256 algorithm.
pid: Your Partner IDiat: Issued At (Unix timestamp)name: Partner Name (identifier)private string $privateKey = "<<<EOT
-----BEGIN PRIVATE KEY-----
... (Your Private Key Here) ...
-----END PRIVATE KEY-----
EOT";
private string $partnerId = 'YOUR_PARTNER_ID';
private string $baseUrl = "";
/**
* Generate JWT using Partner Private Key (RS256)
*/
private function generateJwt(): string
{
$payload = [
'pid' => $this->partnerId,
'iat' => time(),
'name' => 'your_partner_slug'
];
return \Firebase\JWT\JWT::encode($payload, $this->privateKey, 'RS256');
}
/**
* Example Request using Yii HTTP Client
*/
private function request(string $url, string $method = 'GET', array $body = []): mixed
{
$client = new \Yiisoft\Http\Client\Client();
$request = $client->createRequest($method, $this->baseUrl . $url)
->addHeader('Authorization', 'Bearer ' . $this->generateJwt())
->addHeader('Content-Type', 'application/json');
if (!empty($body)) {
$request->withContent(json_encode($body));
}
$response = $request->send();
return $response->getData();
}
page: Page number (default: 1)
per_page: Records per page
(default: 20)search: Full-text search
stringsort: Field name to sort by
sort_dir: Direction (ASC or
DESC)filter_{field}: Filter by
specific field (e.g.,
filter_status=active)
| Parameter | Type | Description |
|---|---|---|
|
curl -X GET "/api/v1/data/?page=1&per_page=10" \
-H "Authorization: Bearer {YOUR_API_KEY}"
curl -X POST "/api/v1/data/" \
-H "Authorization: Bearer {YOUR_API_KEY}" \
-H "Content-Type: application/json" \
-d ''Retrieve detailed information about a single record.
curl -X GET "/api/v1/data//1" \
-H "Authorization: Bearer {YOUR_API_KEY}"Update an existing record.
curl -X PUT "/api/v1/data//1" \
-H "Authorization: Bearer {YOUR_API_KEY}" \
-H "Content-Type: application/json" \
-d '{"": {"name": "Updated Name"}}'Permanently remove a record.
curl -X DELETE "/api/v1/data//1" \
-H "Authorization: Bearer {YOUR_API_KEY}"Each token is valid for 24 hours from the time of issuance (login).
Keep your token secure and never expose it in public client-side code. For permanent integrations, ensure you have a mechanism to refresh or update the token daily.
| Label | Name | Type | Actions |
|---|---|---|---|
|
| ID | Recipient | Template | Status | Attempts | Created At | Last Attempt | Remarks / Errors |
|---|---|---|---|---|---|---|---|
| Pending Retry Delay Sent Processing Failed | |||||||
| No background jobs found. | |||||||