# API Authentication

### Creating an Account

To create an account, send a POST request to the following endpoint:

```bash
POST /v1/account/register
```

The request body should include the email and password for the account being created in this format:

```json
{
  "email": "your email",
  "password": "your password"
}
```

*Note: During the closed beta period, all accounts need to be manually activated by our team.*

### Logging In

To log in to an existing account, send a POST request to the following endpoint:

```bash
POST /v1/account/get-token
```

The request body should include the email and password associated with the account in this format:

```json
{
  "email": "your email",
  "password": "your password"
}
```

* If the credentials are correct, the server will return a Bearer Token.
* If the credentials are incorrect, the server will return a 400 Bad Request response.
* If the account is inactive, the server will return a 401 Unauthorized response.

### Bearer Token

A Bearer Token is a security token that grants users access to our API upon successful login. The Bearer Token is a string that must be included in the Authorization header of any subsequent authenticated requests to the server. The format of the Authorization header should be:

```makefile
Authorization: Bearer <token>
```

Replace `<token>` with the actual token received during login.

### Logging Out

To log out of an existing session, send a GET request to the following endpoint:

```bash
GET /v1/account/logout
```

Following this request, the server will invalidate the token associated with the user's session.

**Token Lifespan**: The default lifespan for a bearer token is 7 days. After this period, the token will expire, and the user will need to log in again to obtain a new one.