Authentication
Client Credentials
API credentials can be generated and managed by workspace admins in the API section of the Revoiceit platform.
The credentials are composed of a clientId and a clientSecret. Upon generation, the client credentials will be displayed to the user in a modal. The clientId will be saved to the platform with a user-defined descriptive name, while the clientSecret will only be shown during credential generation. It is recommended to save the clientSecret in a secure place for future use with the API endpoints.
Authorization Endpoint
The Authorization endpoint is used to generate accessToken, refreshToken, or to revoke tokens.
https://api.revoiceit.com/auth
The accessTokens generated by these requests should be passed to the Authorization header of all other requests on this API. This accessToken is used to authenticate and authorize future requests.
"Authorization": [accessToken]
Create Access Token
This endpoint is used to generate an accessToken which must be included in the Authorization header for all subsequent requests that require authentication. The accessToken should be provided as a Bearer token in the header. Each token is valid for one hour from the time it is issued.
Method: POST
Endpoint: https://api.revoiceit.com/auth/token
Body:
{
"clientId": string,
"clientSecret": string
}
Response:
{
"accessToken": string,
"refreshToken": string
}
Returned HTTP Codes
| HTTP Code | Description |
| 200 | Token created successfully |
| 400 | Invalid input |
| 500 | Internal server error |
Refresh Access Token
If an accessToken expires, this endpoint can be used to refresh it by providing the refreshToken obtained from the Create Access Token request in the request body. A new accessToken will be generated and returned for continued use with the API.
Method: POST
Endpoint: https://api.revoiceit.com/auth/refresh
Body:
{
"refreshToken": string
}
Response:
{
"accessToken": string
}
Returned HTTP Codes
| HTTP Code | Description |
| 200 | Token created successfully |
| 400 | Invalid input |
| 500 | Internal server error |
Revoke Refresh Token
This endpoint can be used to revoke a refreshToken. Users may choose to use this endpoint to increase security by limiting the token lifetime to a particular session. Similarly, a specific set of credentials can be temporarily disabled or permanently deleted from the Revoiceit platform.
Method: POST
Endpoint: https://api.revoiceit.com/auth/revoke
Body:
{
"refreshToken": string
}
Response:
{
"message": "Token revoked successfully"
}
Returned HTTP Codes
| HTTP Code | Description |
| 200 | Token revoked successfully |
| 400 | Invalid input |
| 500 | Internal server error |