API Documentation

Request an Access Token

The Access Token endpoint enables clients to acquire an OAuth2 access token by submitting valid client credentials. This token is required for authenticating subsequent API requests.

Endpoint

URL: https://api.accounda.com/v1/token/

Method: POST

Request Parameters

Content-Type: application/x-www-form-urlencoded

Parameter	Type	Description
`client_id`	`string`	The client identifier issued during client registration.
`client_secret`	`string`	The client secret associated with the `client_id`.

Sample Request

POST /v1/token/ HTTP/1.1
Content-Type: application/x-www-form-urlencoded

client_id=your_client_id&client_secret=your_client_secret

Response

Content-Type: application/json

Success Response

On success, the API returns a JSON object containing the access token, token type, and expiration time.

Status Code: 200 OK

{
    "access_token": "your_access_token",
    "token_type": "Bearer",
    "expires_in": 3600
}

Error Responses

If the request fails due to missing or invalid client credentials, the API returns an error message.

Status Code: 400 Bad Request

Missing Client Credentials

{
    "error": "Missing client credentials"
}

Invalid Client Credentials

{
    "error": "Invalid client credentials"
}

Error Codes

400 Bad Request: The request could not be processed because it is malformed or contains invalid parameters.

Security

This endpoint requires client credentials (client_id and client_secret). All API requests should be made over HTTPS to ensure data security.

Example Usage

Here’s an example using curl to obtain an access token:

curl -X POST https://api.accounda.com/v1/token/ \
-d "client_id=your_client_id" \
-d "client_secret=your_client_secret"

Notes

Ensure that the client_secret is kept secure and never shared publicly.
The access token is valid for a limited time (3600 seconds by default) and should be refreshed before it expires.

Validate User Authentication

The User Validation endpoint allows clients to authenticate and retrieve detailed information about a user, including optional data from linked accounts (Discord, Microsoft, Google) if available.

Endpoint

URL: https://api.accounda.com/v1/user/validate/

Method: GET

Request Headers

Header	Type	Description
`Authorization`	`string`	Bearer token for accessing the endpoint. Format: `Bearer your_access_token`.
`Client-ID`	`string`	The client identifier associated with the registered application.
`Auth-Token`	`string`	A token to validate that the user is the authenticated user.

Request Parameters

Content-Type: application/json

Parameter	Type	Description
`auth_id`	`integer`	The ID of the authorized application for which user information is being requested.
`user_data` (optional)	`boolean`	If provided, user data is returned.
`google` (optional)	`integer`	If provided, additional Google user data is returned if available. Requires user_data parameter. (1: optional; 8: required)
`microsoft` (optional)	`integer`	If provided, additional Microsoft user data is returned if available. Requires user_data parameter. (1: optional; 8: required)
`discord` (optional)	`integer`	If provided, additional Discord user data is returned if available. Requires user_data parameter. (1: optional; 8: required)
`github` (optional)	`integer`	If provided, additional GitHub user data is returned if available. Requires user_data parameter. (1: optional; 8: required)

Sample Request

GET /v1/user/validate/?auth_id=user_related_auth_id&user_data=1&discord=1&microsoft=1&google=1&github=1 HTTP/1.1
Host: api.accounda.com
Authorization: Bearer your_access_token
Client-ID: your_client_id
Content-Type: application/json
Auth-Token: user_related_auth_token

Response

Content-Type: application/json

Success Response

On success, the API returns a JSON object containing user information along with any additional data from linked accounts if requested.

Status Code: 200 OK

{
    "data": {
        "username": "johndoe",
        "first_name": "John",
        "last_name": "Doe",
        "email": "john.doe@example.com",
        "google": {
          "username": "john_google",
          "first_name": "John",
          "last_name": "Doe",
          "email": "google.johndoe@example.com",
          "id": "1122334455"
        },
        "microsoft": {
          "username": "john_microsoft",
          "first_name": "John",
          "last_name": "Doe",
          "email": "microsoft.johndoe@example.com",
          "id": "0987654321"
        },
        "discord": {
          "username": "john_discord",
          "locale": "en-US",
          "email": "discord.johndoe@example.com",
          "id": "1234567890"
        },
        "github": {
          "name": "John Github",
          "email": "github.johndoe@example.com",
          "id": "3254567890"
        }
    }
}

Error Responses

If the request fails due to invalid credentials or other issues, the API returns an error message.

Missing or Invalid Headers

{
  "error": "Authorization and Client-ID headers are required"
}

Invalid Access Token

{
  "error": "Invalid access token"
}

Expired Access Token

{
  "error": "Access token has expired"
}

Invalid Client ID

{
  "error": "Invalid client ID"
}

Invalid Auth ID or Token

{
  "error": "Invalid auth ID or token"
}

Inactive or Expired Application

{
  "error": "The application associated with the provided client_id has expired.
            Please renew your access or contact support."
}

Security

This endpoint requires a valid access token and client credentials. All API requests should be made over HTTPS to ensure data security.

Notes

The access token is valid for a limited time and should be refreshed before it expires.
Ensure that your client_secret is kept secure.
Optional linked account data (Google, Microsoft, Discord, GitHub) will only be included if requested and authorized.

Retrieve User Information

The User Information endpoint allows clients to retrieve detailed information about a user, including optional data from linked accounts (Discord, Microsoft, Google) if available.

Do not use this to sign in users. Use Validate User Authentication instead.

Endpoint

URL: https://api.accounda.com/v1/user/information/

Method: GET

Request Headers

Header	Type	Description
`Authorization`	`string`	Bearer token for accessing the endpoint. Format: `Bearer your_access_token`.
`Client-ID`	`string`	The client identifier associated with the registered application.

Request Parameters

Content-Type: application/json

Parameter	Type	Description
`auth_id`	`integer`	The ID of the authorized application for which user information is being requested.
`google` (optional)	`integer`	If provided, additional Google user data is returned if available. (1: optional; 8: required)
`microsoft` (optional)	`integer`	If provided, additional Microsoft user data is returned if available. (1: optional; 8: required)
`discord` (optional)	`integer`	If provided, additional Discord user data is returned if available. (1: optional; 8: required)
`github` (optional)	`integer`	If provided, additional GitHub user data is returned if available. (1: optional; 8: required)

Sample Request

GET /v1/user/information/?auth_id=user_related_auth_id&discord=1&microsoft=1&google=1&github=1 HTTP/1.1
Host: api.accounda.com
Authorization: Bearer your_access_token
Client-ID: your_client_id
Content-Type: application/json

Response

Content-Type: application/json

Success Response

On success, the API returns a JSON object containing user information along with any additional data from linked accounts if requested.

Status Code: 200 OK

{
    "data": {
        "username": "johndoe",
        "first_name": "John",
        "last_name": "Doe",
        "email": "john.doe@example.com",
        "google": {
          "username": "john_google",
          "first_name": "John",
          "last_name": "Doe",
          "email": "google.johndoe@example.com",
          "id": "1122334455"
        },
        "microsoft": {
          "username": "john_microsoft",
          "first_name": "John",
          "last_name": "Doe",
          "email": "microsoft.johndoe@example.com",
          "id": "0987654321"
        },
        "discord": {
          "username": "john_discord",
          "locale": "en-US",
          "email": "discord.johndoe@example.com",
          "id": "1234567890"
        },
        "github": {
          "name": "John Github",
          "email": "github.johndoe@example.com",
          "id": "3254567890"
        }
    }
}

Error Responses

If the request fails due to invalid credentials or other issues, the API returns an error message.

Missing or Invalid Headers

{
  "error": "Authorization and Client-ID headers are required"
}

Invalid Access Token

{
  "error": "Invalid access token"
}

Expired Access Token

{
  "error": "Access token has expired"
}

Invalid Client ID

{
  "error": "Invalid client ID"
}

Invalid Auth ID

{
  "error": "Invalid auth ID"
}

Inactive or Expired Application

{
  "error": "The application associated with the provided client_id has expired.
            Please renew your access or contact support."
}

Security

This endpoint requires a valid access token and client credentials. All API requests should be made over HTTPS to ensure data security.

Notes

The access token is valid for a limited time and should be refreshed before it expires.
Ensure that your client_secret is kept secure.
Optional linked account data (Discord, Microsoft, Google) will only be included if requested and authorized.
Do not use this request to sign in users.