Auth Endpoints
The auth service handles email/password login and JWT token exchange. All endpoints are served through the API gateway at http://localhost:8000.
Endpoints
| Method | Path | Description |
|---|---|---|
| POST | /auth/token | Exchange email + password for a JWT token |
| POST | /auth/validate | Validate a JWT token |
POST /auth/token
Exchange email and password credentials for a JWT access token.
Request:

```bash
curl -X POST http://localhost:8000/auth/token \
  -H "Content-Type: application/json" \
  -d '{"email": "admin@aegis.local", "password": "aegis-dev-admin"}'
```

```json
{
  "email": "admin@aegis.local",
  "password": "aegis-dev-admin"
}
```

Response (200):

```json
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "bearer",
  "expires_in": 86400,
  "user_id": "dev-user-001",
  "role": "admin"
}
```

Returns `401 Unauthorized` with `{"detail": "Invalid email or password"}` when the credentials are wrong or the user is inactive. Email is matched case-insensitively.
For local development, log in with admin@aegis.local / aegis-dev-admin (the seeded bootstrap admin), which grants admin access.
POST /auth/validate
Validate a JWT token and return the associated user info. Used internally by the API gateway on every request.
Request:

```bash
curl -X POST http://localhost:8000/auth/validate \
  -H "Content-Type: application/json" \
  -d '{"token": "eyJhbGciOiJIUzI1NiIs..."}'
```

Response (200):

```json
{
  "valid": true,
  "user_id": "dev-user-001",
  "role": "admin"
}
```
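One way a gateway-side check could consume `/auth/validate` and fail closed, as an added example that is not part of the original page or the project's own code. The `Authorization: Bearer` header convention, the function names, and the `{"valid": false}` rejection body used by the stub are assumptions; the page documents only the 200 response shape.

```python
import json
import urllib.request

VALIDATE_URL = "http://localhost:8000/auth/validate"  # endpoint from the page


def http_validate(token, url=VALIDATE_URL, timeout=3.0):
    """POST {"token": ...} to /auth/validate and return the parsed JSON body."""
    req = urllib.request.Request(
        url,
        data=json.dumps({"token": token}).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.loads(resp.read())


def authenticate(authorization_header, validate=http_validate):
    """Return {"user_id", "role"} for a valid bearer token, otherwise None."""
    if not authorization_header:
        return None
    # Assumption: clients present the token as "Authorization: Bearer <jwt>".
    scheme, _, token = authorization_header.partition(" ")
    token = token.strip()
    if scheme.lower() != "bearer" or not token:
        return None
    try:
        body = validate(token)
    except (OSError, ValueError):
        # Auth service unreachable, timed out, non-2xx, or non-JSON: deny.
        return None
    # Require the JSON boolean true; a string "true" or a missing key is a denial.
    if not isinstance(body, dict) or body.get("valid") is not True:
        return None
    user_id, role = body.get("user_id"), body.get("role")
    if not isinstance(user_id, str) or not isinstance(role, str):
        return None
    return {"user_id": user_id, "role": role}


def stub_validate(token):
    """Constructed stand-in for the auth service so the example runs offline."""
    if token == "constructed-good-token":
        return {"valid": True, "user_id": "dev-user-001", "role": "admin"}
    return {"valid": False}  # assumed rejection shape, not documented on the page
```

Passing `stub_validate` as the second argument exercises the logic without a running service; the default `http_validate` calls the documented endpoint.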