Authentication

All APIs use Auth0 for authentication. Every request needs a JWT Bearer token.

Authorization: Bearer eyJhbGciOiJSUzI1NiIs...

Getting a Token

Option 1: Auth0 Dashboard (Quick Test)

Go to Auth0 Dashboard → Applications → APIs
Select the ELIVAAS API
Click Test tab
Copy the generated token

Option 2: cURL (Machine-to-Machine)

curl --request POST \
  --url https://elivaas.us.auth0.com/oauth/token \
  --header 'content-type: application/json' \
  --data '{
    "client_id": "YOUR_CLIENT_ID",
    "client_secret": "YOUR_CLIENT_SECRET",
    "audience": "https://bard-pms-api.elivaas.com",
    "grant_type": "client_credentials"
  }'

Response:

{
  "access_token": "eyJhbGciOiJSUzI1NiIs...",
  "token_type": "Bearer",
  "expires_in": 86400
}

Copy the access_token and use it in the API docs Auth section.

For browser-based apps, use Auth0's Universal Login:

https://elivaas.us.auth0.com/authorize?
  response_type=token&
  client_id=YOUR_CLIENT_ID&
  redirect_uri=https://your-app.com/callback&
  audience=https://bard-pms-api.elivaas.com&
  scope=openid profile email

After login, the token is returned in the redirect URL hash.

Using the Token in API Docs

Open any API endpoint page from the PMS / CRS / Website API sidebar
On the right panel, scroll to Auth
Paste your Bearer token
Click Send — the token is attached automatically

Auth0 Configuration

Setting	Value
Domain	`elivaas.us.auth0.com`
Token endpoint	`https://elivaas.us.auth0.com/oauth/token`
JWK Set URI	`https://elivaas.us.auth0.com/.well-known/jwks.json`

Token Expiry

Tokens expire after 24 hours (86400 seconds). After expiry, request a new token.

Getting a Token​

Option 1: Auth0 Dashboard (Quick Test)​

Option 2: cURL (Machine-to-Machine)​

Option 3: Login Flow (Frontend Apps)​

Using the Token in API Docs​

Auth0 Configuration​

Token Expiry​