Authentication
Security is a priority for Aura Live. Most API endpoints and all WebSocket connections require a valid authentication token.
Send a POST request to /login with your username and password using application/x-www-form-urlencoded content type.
curl -X POST "https://aura.authot.live/backend/login" \ -d "username=your_username" \ -d "password=your_password"The response contains a JWT access token:
{ "access_token": "YOUR_JWT_TOKEN", "token_type": "bearer"}Authentication Methods
Section titled “Authentication Methods”1. Bearer Token (Recommended)
Section titled “1. Bearer Token (Recommended)”Include the JWT token in the Authorization header:
curl -X GET "https://aura.authot.live/backend/languages/" \ -H "Authorization: Bearer your_token_here"2. API Key Header
Section titled “2. API Key Header”Use the X-API-Key header with an API token generated from your user settings:
curl -X GET "https://aura.authot.live/backend/languages/" \ -H "X-API-Key: your_api_key_here"API Token Management
Section titled “API Token Management”API tokens can be managed through the user settings. These are separate from the JWT login token and are useful for long-term integrations.
WebSocket Authentication
Section titled “WebSocket Authentication”For WebSocket connections, provide your token as a query parameter:
const socket = new WebSocket('wss://aura.authot.live/backend/ws/session?token=your_token_here');[!CAUTION] Never share your API tokens. If a token is compromised, revoke it immediately and generate a new one.