Authentication

All APIs use Auth0 for authentication. Every request needs a JWT Bearer token.

Authorization: Bearer eyJhbGciOiJSUzI1NiIs...

Getting a Token

Option 1: Auth0 Dashboard (Quick Test)

Go to Auth0 Dashboard → Applications → APIs
Select the ELIVAAS API
Click Test tab
Copy the generated token

Option 2: cURL (Machine-to-Machine)

curl --request POST \
  --url https://elivaas.us.auth0.com/oauth/token \
  --header 'content-type: application/json' \
  --data '{
    "client_id": "YOUR_CLIENT_ID",
    "client_secret": "YOUR_CLIENT_SECRET",
    "audience": "https://bard-pms-api.elivaas.com",
    "grant_type": "client_credentials"
  }'

Response:

{
  "access_token": "eyJhbGciOiJSUzI1NiIs...",
  "token_type": "Bearer",
  "expires_in": 86400
}

Copy the access_token and use it in the API docs Auth section.

For browser-based apps, use Auth0's Universal Login:

https://elivaas.us.auth0.com/authorize?
  response_type=token&
  client_id=YOUR_CLIENT_ID&
  redirect_uri=https://your-app.com/callback&
  audience=https://bard-pms-api.elivaas.com&
  scope=openid profile email

After login, the token is returned in the redirect URL hash.

Using the Token in API Docs

Open any API endpoint page (e.g., Create Section Definition)
On the right panel, scroll to Auth
Paste your Bearer token
Click Send — the token is attached automatically

Auth0 Configuration

Setting	Value
Domain	`elivaas.us.auth0.com`
Token endpoint	`https://elivaas.us.auth0.com/oauth/token`
JWK Set URI	`https://elivaas.us.auth0.com/.well-known/jwks.json`

Token Expiry

Tokens expire after 24 hours (86400 seconds). After expiry, request a new token.

Getting a Token​

Option 1: Auth0 Dashboard (Quick Test)​

Option 2: cURL (Machine-to-Machine)​

Option 3: Login Flow (Frontend Apps)​

Using the Token in API Docs​

Auth0 Configuration​

Token Expiry​