FunnelFlux Pro API Documents
FunnelFlux Authentication API

Authentication

Access token validation and legacy password login.


Access token validation

POST https://api.funnelflux.pro/v1/auth/validate

This endpoint validates your current access token and reissues it if it has expired (provided a refresh token is present).

  • A valid access token must be passed in the Bearer Authorization header (an expired access token is still accepted here).
  • Access tokens have an automatic expiry of 72 hours. Refresh tokens may expire or become invalid due to Auth0 limitations and tenant policy, and excessive refresh token issuing can invalidate older tokens.
  • If the access token is still valid, the response will return the current details and expiry.
  • If the access token has expired and no refresh token is provided, the API will return 401.
  • If you receive a 401 for an expired access token, pass refresh_token and the API will return an updated access token and expiry when the refresh token is still valid. If refresh fails, prompt for reauthorization.
  • It is your responsibility to programmatically store and update your temporary access tokens. Long-lived access tokens are not issued, for security reasons.

Access token validation › Request Body

refresh_token · string

Refresh Token. Only needed when a token is expired.

Example: xzjQT79U85k92jhE0CZjm....

Access token validation › Responses

Response will be a JSON object containing an access token and refresh token. You can ignore any other information in the response as this is not necessary for API usage.

Example response for valid access token:

Code
{
  "tokens": {
    "access_token": "value_here",
    "expires_at": 1656045319
  },
  "user": {
    "user_id": "auth0|XXX",
    "permissions": [ "lumetric:access" ]
  }
}

Example response for expired access token + valid refresh token -> issues new access token

Code
{
  "tokens": {
    "access_token": "UPDATED_VALUE",
    "refresh_token": "VALUE", //not changed
    "expires_at": 1656091322 //new access token expiry
  },
  "user": { ... }
}

Example response for expired access token with no refresh token passed in body

This does not return a 200 response; it returns a 401 Unauthorized error.

Code
{ "error": "token is expired" }
POST /auth/validate
curl --request POST \
  --url https://api.funnelflux.pro/v1/auth/validate \
  --header 'Authorization: Bearer <ACCESS_TOKEN>' \
  --header 'Content-Type: application/json' \
  --data '{ "refresh_token": "xzjQT79U85k92jhE0CZjm...." }'

Example Request Body
{ "refresh_token": "xzjQT79U85k92jhE0CZjm...." }

Example Responses (application/json)
{
  "tokens": {
    "access_token": "access_token",
    "id_token": "id_token",
    "refresh_token": "refresh_token",
    "expires_at": 0
  },
  "user": {
    "user_id": "user_id",
    "permissions": [ "string" ],
    "email": "email",
    "email_verified": true,
    "name": "name",
    "nickname": "nickname",
    "picture_url": "picture_url",
    "updated_at": 0
  }
}
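
An added example, not part of the FunnelFlux documentation: a small Python client for the validate-then-refresh flow described above, including the "refresh failed, prompt for reauthorization" case. The names `ensure_fresh_tokens`, `http_post`, the `store` dict and `fake_api` are assumptions made here; `fake_api` is a constructed stand-in that mirrors the page's example responses so the block runs offline.

```python
import json
import urllib.error
import urllib.request

BASE_URL = "https://api.funnelflux.pro/v1"  # base URL as given on the page

class ReauthorizationRequired(Exception):
    """No usable refresh token, or refresh failed: the user must log in again."""

def http_post(path, access_token, body):
    """Real transport: POST JSON with the Bearer header, return (status, JSON)."""
    req = urllib.request.Request(
        BASE_URL + path, data=json.dumps(body).encode(), method="POST",
        headers={"Content-Type": "application/json",
                 "Authorization": f"Bearer {access_token}"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        try:
            return err.code, json.loads(err.read() or b"{}")
        except ValueError:  # non-JSON error body, e.g. from a proxy
            return err.code, {}

def ensure_fresh_tokens(store, post=http_post):
    """Validate the stored access token; on 401, retry once with refresh_token."""
    status, data = post("/auth/validate", store["access_token"], {})
    if status == 401 and store.get("refresh_token"):
        status, data = post("/auth/validate", store["access_token"],
                            {"refresh_token": store["refresh_token"]})
    if status != 200 or "tokens" not in data:
        raise ReauthorizationRequired(data.get("error", f"HTTP {status}"))
    tokens = data["tokens"]
    # Persist the new values; never write token values to logs.
    store.update(access_token=tokens["access_token"], expires_at=tokens["expires_at"])
    store["refresh_token"] = tokens.get("refresh_token", store.get("refresh_token"))
    return store

def fake_api(path, access_token, body):
    """Constructed stand-in for the API, following the page's example responses."""
    if access_token == "EXPIRED" and body.get("refresh_token") == "GOOD_REFRESH":
        return 200, {"tokens": {"access_token": "UPDATED_VALUE",
                                "refresh_token": "GOOD_REFRESH",
                                "expires_at": 1656091322}, "user": {}}
    if access_token == "EXPIRED":
        return 401, {"error": "token is expired"}
    return 200, {"tokens": {"access_token": access_token,
                            "expires_at": 1656045319}, "user": {}}
```

Call `ensure_fresh_tokens(store)` before a batch of API requests and catch `ReauthorizationRequired` to send the user back through the UI login.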

Password-based login (legacy)

POST https://api.funnelflux.pro/v1/auth/login

NOTE: Avoid using this method. Instead, log in normally and retrieve an access and refresh token via our UI. Only use this endpoint if you need to programmatically generate a new access/refresh token, do not currently have one, and for some reason cannot log in via the UI.

Password-based login (legacy) › Request Body

username · string · required

Your login username

Example: bob@smith.com

password · string · required

Your password

Example: s0me_super_un1que_pa$$word

issue_refresh_token · boolean · required

Optional flag to return a refresh token in response

Default: true

Password-based login (legacy) › Responses

Response will be a JSON object containing an access token and refresh token. You can ignore any other information in the response as this is not necessary for API usage.

Example response for valid login

Code
{
  "tokens": {
    "access_token": "VALUE",
    "id_token": "VALUE", //ignore, not used for API requests
    "refresh_token": "VALUE",
    "expires_at": 1656091322 //access token expiry
  },
  "user": {
    "user_id": "auth0|XXXXXX", //your user ID in our system
    "permissions": [ "lumetric:access" ],
    "email": "test@funnelflux.com",
    "email_verified": true,
    "name": "FunnelFlux Test User",
    "nickname": "test",
    "picture_url": "SOME_URL",
    "updated_at": 1655832122
  }
}

Example response when OTP MFA is required

Code
{
  "mfa_required": true,
  "mfa_token": "VALUE",
  "factor": "otp",
  "mfa_requirements": {}
}

  • mfa_required · boolean
  • mfa_token · string
  • factor · string · enum (enum values: otp)
  • mfa_requirements · object

POST /auth/login
curl --request POST \
  --url https://api.funnelflux.pro/v1/auth/login \
  --header 'Content-Type: application/json' \
  --data '{ "username": "bob@smith.com", "password": "s0me_super_un1que_pa$$word", "issue_refresh_token": true }'

Example Request Body
{
  "username": "bob@smith.com",
  "password": "s0me_super_un1que_pa$$word",
  "issue_refresh_token": true
}

Example Responses (application/json)
{
  "mfa_required": true,
  "mfa_token": "mfa_token",
  "factor": "otp",
  "mfa_requirements": {},
  "tokens": {
    "access_token": "access_token",
    "id_token": "id_token",
    "refresh_token": "refresh_token",
    "expires_at": 0
  },
  "user": {
    "user_id": "user_id",
    "permissions": [ "string" ],
    "email": "email",
    "email_verified": true,
    "name": "name",
    "nickname": "nickname",
    "picture_url": "picture_url",
    "updated_at": 0
  }
}