Authentication
Security is a priority for Aura Live. Most API endpoints and all WebSocket connections require a valid authentication token.
API Tokens
Section titled “API Tokens”Aura Live uses the Bearer Token authentication scheme. Every request to a protected endpoint must include an Authorization header.
Authorization: Bearer <YOUR_API_TOKEN>Obtaining a Token
Section titled “Obtaining a Token”Tokens are managed via your user profile in the Aura Live frontend.
- Log in to the Aura Live Frontend.
- Navigate to your Profile/Settings.
- Generate a new API Token.
- Copy the token immediately (it will only be shown once).
Authentication Methods
Section titled “Authentication Methods”Depending on the endpoint or the library you are using, you might interact with authentication in two ways:
1. HTTP Authorization Header (Recommended)
Section titled “1. HTTP Authorization Header (Recommended)”This is the standard way to authenticate REST requests.
curl -X GET "https://api.aura-live.com/api/v1/languages" \ -H "Authorization: Bearer your_token_here"2. API Key Header
Section titled “2. API Key Header”Some endpoints also support authentication via a custom X-API-Key header, which is strictly mapped to your token.
curl -X GET "https://api.aura-live.com/api/v1/languages" \ -H "X-API-Key: your_token_here"WebSocket Authentication
Section titled “WebSocket Authentication”For WebSocket connections, authentication is handled during the initial handshake. You must provide your token as a query parameter called token.
const socket = new WebSocket('wss://api.aura-live.com/ws/session?token=your_token_here');[!CAUTION] Never share your API tokens. If a token is compromised, revoke it immediately via the user settings dashboard and generate a new one.