Skip to main content
login and refresh are public. logout and me only accept JWT access tokens.

Login

Real responses are wrapped in data and include:
  • accessToken
  • refreshToken
  • accessTokenExpiresAtUtc
  • refreshTokenExpiresAtUtc
  • user
The serialized role values are superAdmin, admin, and user.

Refresh

Returns the same structure as login.

Logout

Returns 204 No Content.

Current user

System bootstrap

Returns:
  • apiKeyRequired
  • maxUploadSizeBytes
  • allowedContentTypes
This endpoint reports runtime configuration only. It does not confirm whether the bootstrap SuperAdmin exists.