Headers

The Stafbook Auth API expects the following headers to be included in the requests:

x-client-id

• Type: string

• Required: Yes

• Description: The x-client-id header should contain the client ID associated with your application. This header is used to identify the client making the request and ensure the validity of the client's authentication.

Authorization

• Type: Bearer Token

• Required: Yes

• Description: The Authorization header should contain a Bearer token obtained through the agreement process. This token serves as proof of authentication and authorization to access the protected resources. The format of the Authorization header should be Bearer [token], where [token] is the valid access token obtained from agreement process.

Authorization: Bearer <access_token>

Content-Type

• Type: string

• Required: Yes

• Value: application/json

The Content-Type header specifies the format of the request payload. For Stafbook Auth API requests, the value must be set to application/json to indicate that the request body is in JSON format.

Content-Type: application/json

Accept

• Type: string

• Required: Yes

• Value: application/json

The Accept header specifies the expected response format. For Stafbook Auth API responses, the value must be set to application/json to indicate that the response will be in JSON format

Accept: application/json

Example

POST /v1/introspection HTTP/1.1
Host: api.stafbookauth.com
Content-Type: application/json
Accept: application/json
Authorization: Bearer <access_token>
x-client-id: <your_client_id>

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}

In this example, the request includes the following:

• HTTP Method: POST

• Endpoint: /v1/introspection

• Host: auth.stafbook.com

• Headers:

  • Content-Type: application/json

  • Accept: application/json

  • x-client-id: your_client_id

  • Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ...

• Request Body:

  • token: The access token to be introspected. Replace eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ... with the actual access token.

Make sure to replace your_client_id with the actual client ID associated with your application, Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ... with the valid access token for accessing Stafbook Auth and token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ... with the valid access token you want to introspect.

This request will be sent to the Introspection endpoint, allowing you to validate and obtain information about the provided access token.

Please ensure that you include these headers correctly in your requests to the Stafbook Auth API. Failure to provide the required headers or an invalid access token may result in authentication errors or denial of access to the protected resources.