Quiltt Logo

Managing existing Session tokens

Auth API Reference

For complete information on the available endpoints and schemas available in the Auth API, explore the API Reference.

Once you have obtained Session token, you can check whether it's valid or revoke it, using the following endpoints:


The Session token must be provided as a Bearer token in the Authorization header:

Authorization: Bearer <SESSION_TOKEN>

Link to this section#Checking the Current Session Token

To check a Session token, make a GET request:

curl --request GET \
  --url 'https://auth.quiltt.io/v1/users/session' \
  --header 'Authorization: Bearer <SESSION_TOKEN>'

If your token is valid, you will receive a 200 HTTP response code, with information about the session in the response body:

  "token": "eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2NzE4MjI5MTIsImlhdCI6MTY3MTgyMjkxMiwianRpIjoiNDU1MWNhNDktYzAwMi00ZDliLTkyZWMtNDY1MDE4ZTI4ZmRjIiwiaXNzIjoiYXV0aC5xdWlsdHQuaW8iLCJhdWQiOiJhcGkucXVpbHR0LmlvIiwiZXhwIjoxNjcxOTA5MzEyLCJ2ZXIiOjIsImRpZCI6ImFwaV8xN05PRXdWR2N2eU9xcGxuUWREMjdnWSIsInVpZCI6InBfMTFld3JWa0VuZDdMSXZTVkFtdDhYTDUifQ.5tYTjr_k0GKG6LsaAEt3V0RAiJe9UU59USUAASJTXf5e1923njb4UqYUozAVm34fARXT-SRvlE1-_J4wdiVNwg",
  "expiration": 1671909244,
  "expiresAt": "2022-12-24T19:14:04Z",
  "userId": "p_11ewrVkEnd7LIvSVAmt8XL5"

Link to this section#Revoking the current Session token

To revoke a Session token, make a DELETE request:

curl --request DELETE \
  --url 'https://auth.quiltt.io/v1/users/session' \
  --header 'Authorization: Bearer <SESSION_TOKEN>'

Successful responses will return a 204 HTTP response code.

See the Auth API Reference for full documentation of the supported endpoints.