The Violet API uses API keys associated with your Violet Application along with a system generated refresh token to authenticate requests. You can view and manage your API keys in the Channel Dashboard.

The following information needs to be included as headers in each request:

X-Violet-App-Id
X-Violet-App-Secret
X-Violet-Token

Your Violet Application will provide you with a Violet-App-Id and Violet-App-Secret, however, the Login API request needs to be called the first time you are authenticating. Upon authenticating, you will receive:

  1. Authentication Token
  2. Refresh Token

Violet-Token

This is your Authentication Token. Use this in the Header of every request you send to Violet. The auth token is subject to an expiry date and time. Ensure that you request a new token prior to the expiry using your refresh token.

Refresh-Token

Use the refresh token to send a request to Violet and retrieve a ‘fresh’ auth token. Make sure to build in logic for this operation based on the expiry time in the JWT you receive. How to refresh an auth token.

Try it in Postman: Postman + Login.

The complete list of Violet Authentication APIs are as follows:

Obtaining an API Token

GET /login

Refreshing an API Token

GET /auth/token

If a call is made using an expired token, Violet APIs will respond with the following:

JSON
{
  "status": 401,
  "message": "Token has expired",
  "error_code": 11,
  "timestamp": 1558040517021
}