Skip to main content
All API requests require authentication. GoSentrix uses JWT (JSON Web Tokens) for authentication.

Authentication Flow

  1. Sign Up or Log In to obtain access and refresh tokens
  2. Use Access Token in the Authorization header for API requests
  3. Refresh Token when the access token expires

Obtaining Tokens

Sign Up

curl -X POST https://api.gosentrix.io/api/v1/auth/signup \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "SecurePassword123!",
    "tenant_name": "My Company"
  }'

Log In

curl -X POST https://api.gosentrix.io/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "SecurePassword123!"
  }'

Using Tokens

Include the access token in the Authorization header: 
curl -X GET https://api.gosentrix.io/api/v1/tenants \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

Token Types

  • Access Token: Short-lived (15 minutes), used for API requests
  • Refresh Token: Long-lived (7 days), used to obtain new access tokens

Multi-Factor Authentication (MFA)

For enhanced security, MFA can be enabled. See MFA Enrollment for details.

Step-Up Authentication

Sensitive operations require step-up authentication. See Step-Up Authentication for details.