Watch API | Auth Endpoints
Indee provides a suite of authentication APIs that help you define, manage and control security for viewing applications.
| Auth API | Description |
|---|---|
| Login API | Authenticates a user to watch a video on the Indee platform |
| Logout API | Ends a session on the Indee platform and expires both the access and refresh tokens. |
| Refresh Token API | Generates a new access token by providing a refresh token. |
| Forgot Password API | Sends an email containing a link to reset the password. |
| Reset Password API | Resets password for the user on the Indee platform. |
| Signup API | Allows a new user to sign up on the Indee platform. |
| QR Login Code Generation API | Generates QR code for log in. |
| QR Login API | Logs in using QR code. |
| QR Login Get Token API | Generates the JWT token once the user has logged into the web application via their mobile phone. |
Authentication
Indee supports multiple forms of authentication for viewing applications. This is to facilitate both security of access and ease of use and in some cases, guild-mandated methods. Currently, we support the following two forms of authentication:
- Authentication PIN: A sequence of characters selected at random, used for authentication. This is typically used in FYC application use cases.
- Username and password: Traditional authentication method used for access to Indee videos.
Token Management
Indee uses JWT tokens to represent an authenticated user. Further to ensure that the tokens are secure,Indee authentication mechanism uses the access token / refresh token model as outlined in OAuth 2.0
The token pair is provided as a response to the login call. The refresh token should be stored securely while the access token should be used for all subsequent API calls.
The access token typically tends to be short-lived in nature and will potentially expire in minutes. When it expires, a new access token can be obtained by calling the token refresh endpoint.
Status Codes
Following are the API status codes provided by Indee:
| Indee Status Code | HTTP Response Code | Description |
|---|---|---|
| W0000 | HTTP 200 | Success |
| W2000 | HTTP 401 | Authorization header was either not passed or there was an issue parsing it. |
| W2001 | HTTP 401 | Invalid API key - Revoked, expired, or non-existent key. |
| W2002 | HTTP 401 | Invalid Credentials |
| W2003 | HTTP 401 | Invalid or expired refresh token. |
| W2101 | HTTP 403 | Permission Denied - User not authorized to perform action |
| W4900 | HTTP 400 | Invalid body - Missing / incomplete / incorrect format |
| W4901 | HTTP 400 | Invalid device - Device not found |
| W5000 | HTTP 500 | Server error |
| W5001 | HTTP 429 | Rate limited |