UTMStack uses JWT (JSON Web Token) authentication for API access. Obtain a token by authenticating with your credentials, then include the token in subsequent requests.

Authenticate

Authenticate with username and password to receive a JWT token.

Request Body

  • username (string, required): User’s login name
  • password (string, required): User’s password
  • rememberMe (boolean, default: false): Whether to create a long-lived token

Response

  • token (string): JWT authentication token
  • success (boolean): Whether authentication was successful
  • method (string): Two-factor authentication method (if configured)
  • tfaConfigured (boolean): Whether two-factor authentication is configured
  • forceTfa (boolean): Whether TFA is required for this login
  • tfaExpiresInSeconds (integer): TFA challenge expiration time in seconds
  • firstLogin (boolean): Whether this is the user’s first login

curl -X POST https://your-utmstack-instance.com/api/authenticate \
  -H "Content-Type: application/json" \
  -d '{
    "username": "admin",
    "password": "your-password",
    "rememberMe": false
  }'

{
  "token": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbiIsImF1dGgiOiJST0xFX0FETUlOIiwiZXhwIjoxNzA5MjQwMDAwfQ.abcd1234...",
  "success": true,
  "method": null,
  "tfaConfigured": false,
  "forceTfa": true,
  "tfaExpiresInSeconds": 0,
  "firstLogin": false
}

Using the Token

Include the JWT token in the Authorization header of subsequent requests:
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9...

Example Authenticated Request

cURL
curl -X GET https://your-utmstack-instance.com/api/account \
  -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9..."

Check Authentication Status

Check if the current user is authenticated.

Response

Returns the username if authenticated, or 401 status if not authenticated.

curl -X GET https://your-utmstack-instance.com/api/authenticate \
  -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9..."

admin

Get Current Account

Get the current authenticated user’s account information.

Response

  • id (integer): User ID
  • login (string): Username
  • firstName (string): User’s first name
  • lastName (string): User’s last name
  • email (string): User’s email address
  • authorities (array): List of user roles/permissions

curl -X GET https://your-utmstack-instance.com/api/account \
  -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9..."

{
  "id": 1,
  "login": "admin",
  "firstName": "Admin",
  "lastName": "User",
  "email": "[email protected]",
  "imageUrl": null,
  "activated": true,
  "langKey": "en",
  "authorities": ["ROLE_ADMIN"]
}

Token Expiration

Tokens expire after a set period:
  • Standard tokens: 24 hours
  • Remember me tokens: 30 days
When a token expires, you’ll receive a 401 Unauthorized response. Authenticate again to obtain a new token.
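
A client can read the token's expiry locally and authenticate again before a request fails with 401. The script below is an added example, not part of the UTMStack documentation: it assumes the token carries a standard exp claim (as the sample token on this page does when decoded), and the function names and the 300-second margin are illustrative. Decoding the payload does not verify the signature; it also shows that the payload, including username and role, is readable by anyone holding the token.

```shell
#!/bin/sh
# Added example: decide locally whether a UTMStack API token needs renewing.
# Decoding the payload does NOT verify the signature; the server does that.

# Print the decoded JSON payload (second dot-separated segment) of a JWT.
jwt_payload() {
  seg=$(printf '%s' "$1" | cut -d. -f2 | tr '_-' '/+')   # base64url -> base64
  case $(( ${#seg} % 4 )) in                             # restore stripped padding
    2) seg="${seg}==" ;;
    3) seg="${seg}=" ;;
  esac
  printf '%s' "$seg" | base64 -d 2>/dev/null
}

# Print the numeric "exp" claim (Unix seconds), or nothing if it is absent.
jwt_exp() {
  jwt_payload "$1" |
    sed -n 's/.*"exp"[[:space:]]*:[[:space:]]*\([0-9][0-9]*\).*/\1/p'
}

# Exit 0 if the token should be replaced: it cannot be parsed, has expired,
# or expires within SKEW seconds. Exit 1 if it is still usable.
#   $1 token   $2 current time (default: now)   $3 skew seconds (default: 300)
jwt_needs_reauth() {
  exp=$(jwt_exp "$1")
  now=${2:-$(date +%s)}
  skew=${3:-300}
  [ -n "$exp" ] || return 0          # fail closed on a malformed token
  [ $(( exp - now )) -le "$skew" ]
}

# Sample token from this page, with a constructed placeholder signature.
SAMPLE_TOKEN='eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbiIsImF1dGgiOiJST0xFX0FETUlOIiwiZXhwIjoxNzA5MjQwMDAwfQ.placeholder'

if jwt_needs_reauth "$SAMPLE_TOKEN"; then
  echo "exp=$(jwt_exp "$SAMPLE_TOKEN"): expired or close to expiry, authenticate again"
fi
```

Call jwt_needs_reauth before each API request and POST to /api/authenticate again when it exits 0; still handle a 401, since the server's decision is authoritative.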
