Authentication
Obtain a Token
Exchange your credentials for a bearer token that authenticates all subsequent API calls.
Endpoint: POST /token
Request
json
{
"username": "your_username",
"password": "your_password",
"expires_at": "2026-05-01T00:00:00Z"
}| Field | Type | Required | Description |
|---|---|---|---|
username | string | Yes | Your assigned username |
password | string | Yes | Your assigned password |
expires_at | string (ISO 8601) | Yes | Token expiry date. Maximum: 1 month from now |
Response
Success (200):
json
{
"data": {
"token": "1|abc123plainTextToken...",
"expires_at": "2026-05-01T00:00:00Z"
}
}| Field | Description |
|---|---|
data.token | Bearer token to use in the Authorization header |
data.expires_at | When the token will expire |
Errors
| Status | Response | Meaning |
|---|---|---|
| 401 | {"message": "Invalid credentials."} | Wrong username or password |
| 403 | {"message": "Reseller account is disabled."} | Account disabled |
| 403 | {"message": "Access denied."} | IP not whitelisted |
| 422 | {"message": "Token expiry cannot exceed 1 month.", "errors": {"expires_at": [...]}} | expires_at is too far in the future |
Using the Token
Include the token in the Authorization header for every API call:
Authorization: Bearer 1|abc123plainTextToken...Example
bash
curl -X GET https://api.academia.ly/api/v1/reseller/denominations \
-H "Authorization: Bearer 1|abc123plainTextToken..."Token Rules
- You may have multiple active tokens at the same time
- Each token expires independently at the time you specified
- Maximum token lifetime is 1 month
- Request a new token before the current one expires to avoid downtime
- If a token is expired, you will receive a
401 Unauthorizedresponse