
Overview

The MKing Admin API uses JWT (JSON Web Token) authentication. All authenticated endpoints require a valid token in the Authorization header.

Authentication Flow

  1. Call the /login endpoint with credentials
  2. Receive a JWT token in the response
  3. Include the token in subsequent requests using the Authorization: Bearer <token> header
  4. Token is stored in localStorage and automatically attached by axios interceptors
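
A token kept in localStorage is readable by any script running on the page's origin, so the attachment logic in step 4 is worth constraining. The following is an added example, not the MKing project's code: a function shaped like an axios request interceptor that attaches the token only to requests for the API's own origin and drops expired or malformed tokens. API_BASE, the "token" storage key, and all function names are assumptions.

```javascript
// Added example, not the MKing project's code. API_BASE, TOKEN_KEY and all
// function names are assumptions; the page does not name them.
const API_BASE = "https://api.example.test"; // constructed stand-in for VITE_BASE_URL
const TOKEN_KEY = "token"; // hypothetical localStorage key

// Decode the JWT payload WITHOUT verifying the signature (only the server can
// do that). Used solely to read `exp` so a stale token is not sent.
function readJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  try {
    const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
    return JSON.parse(atob(b64 + "=".repeat((4 - (b64.length % 4)) % 4)));
  } catch {
    return null;
  }
}

// Same shape as an axios request interceptor: takes a config, returns a config.
function attachToken(config, storage, nowSeconds = Math.floor(Date.now() / 1000)) {
  const token = storage.getItem(TOKEN_KEY);
  if (!token) return config;
  const payload = readJwtPayload(token);
  if (!payload || (typeof payload.exp === "number" && payload.exp <= nowSeconds)) {
    storage.removeItem(TOKEN_KEY); // malformed or expired: drop it, force a new login
    return config;
  }
  // Attach only to the API's own origin so the token is never sent to other hosts.
  const target = new URL(config.url, API_BASE);
  if (target.origin !== new URL(API_BASE).origin) return config;
  return { ...config, headers: { ...config.headers, Authorization: `Bearer ${token}` } };
}

// Constructed in-memory stand-in for window.localStorage (runs outside a browser).
function memoryStorage(initial = {}) {
  const data = new Map(Object.entries(initial));
  return {
    getItem: (k) => (data.has(k) ? data.get(k) : null),
    removeItem: (k) => void data.delete(k),
  };
}

// Constructed sample token: real header/payload encoding, dummy signature.
function sampleToken(claims) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "HS256", typ: "JWT" })}.${enc(claims)}.constructed-signature`;
}
```

In a browser, pass window.localStorage as the storage argument and register the function with axios.interceptors.request.use.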

Login

curl -X POST "${VITE_BASE_URL}/login" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "your_password"
  }'
Authenticates a user and returns a JWT token.

Request Body

  email (string, required): User’s email address
  password (string, required): User’s password

Response

  token (string): JWT authentication token to be used in subsequent requests
  user (object): User information object
    id (number): User’s unique identifier
    email (string): User’s email address
    name (string): User’s full name
    role (object): User’s role information

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "id": 1,
    "email": "[email protected]",
    "name": "John Doe",
    "role": {
      "id": 2,
      "name": "Admin"
    }
  }
}

Get Current User

curl -X GET "${VITE_BASE_URL}/user" \
  -H "Authorization: Bearer <token>"
Retrieves information about the currently authenticated user.

Authentication Required: Yes

Response

  id (number): User’s unique identifier
  email (string): User’s email address
  name (string): User’s full name
  employee_id (number): Associated employee ID if applicable
  role (object): User’s role with permissions

{
  "id": 1,
  "email": "[email protected]",
  "name": "John Doe",
  "employee_id": 5,
  "role": {
    "id": 2,
    "name": "Admin",
    "permissions": [
      "products.view",
      "products.create",
      "products.update"
    ]
  }
}
