Each request must be authenticated by providing its credentials in it. Credentials will be provided in the authorization request header.

Username & Password

This kind of credential is only allowed to get a new token. Password will be hashed with the MD5 algorithm.


Data resource


Field Explanation
token unique identifier
expires token expiration timestamp

Get Token

Success Code:200
Returned Data:Token resource

Mandatory parameters:

  • login: email
  • password: user password

Curl example

In order to ask for a new token, we will run the following command:

curl -i -X POST -d '{ "login": "", "password": "yourpassword" }' -H "Content-Type: application/json"

We can create a variable using it in the subsequent calls:

TOKEN=$(curl -s -X POST -d '{ "login": "", "password": "yourpassword" }' -H "Content-Type: application/json" | python -c "import sys, json; print json.load(sys.stdin)['token']")

Then just insert the $TOKEN in each command.


Expires field is for information purposes only and should be considered an estimate.


Modification of some user’s information may result in an early token expiration.


For any other requests only a token is needed.

Authorization Token

This will be a random identifier which is temporal. Once it expires, a new one should be asked for in order to keep on issuing operations. Any Api request will need an authorization token in its Authorization request header like:

Authorization: <token>


Authentication mechanisms may change as security administrator requires.

Table Of Contents

Previous topic

Quick Start guide to Gigas Api

Next topic