Nuxera AI Authentication API
Nuxera AI Authentication API
Secure access to Nuxera AI services requires proper authentication. This page describes how to obtain and use authentication tokens for accessing Nuxera API endpoints.
Login
Endpoint: /api/auth/login
Method: POST
Description: This endpoint allows users to authenticate and obtain an access token for further interactions with the Nuxera AI APIs.
Request Body
{
"username": "string",
"password": "string"
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| username | string | Yes | The user's username or email address |
| password | string | Yes | The user's password |
Response
Success (200 OK)
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"user": {
"id": "user-123456",
"username": "doctor.smith",
"email": "doctor.smith@example.com",
"role": "physician"
}
}
The response includes:
- token: A JWT token that should be used for subsequent API requests
- user: Basic information about the authenticated user
Error (401 Unauthorized)
{
"error": "Authentication failed",
"message": "Invalid username or password"
}
Get User Information
Endpoint: /api/auth/me
Method: GET
Description: This endpoint retrieves information about the currently authenticated user. Requires a valid authentication token.
Headers
| Name | Type | Required | Description |
|---|---|---|---|
| Authorization | string | Yes | Bearer token from login |
Response
Success (200 OK)
{
"id": 100,
"email": "doc@nuxera.ai",
"status": "active",
"last_login": "2025-03-01T05:28:42.148Z",
"created_at": "2025-03-31T16:54:47.134Z",
"updated_at": "2025-05-07T16:17:29.082Z",
"email_verified": true,
"name": "Doctor Hisham",
"is_demo": false,
"user_type": ["ai-medical-note"]
}
Error (401 Unauthorized)
{
"error": "Authentication required",
"message": "Invalid or missing authentication token"
}
Change Password
Endpoint: /api/auth/change-password
Method: POST
Description: This endpoint allows authenticated users to change their password. Requires the current password for verification.
Request Body
{
"currentPassword": "Abcd1234",
"newPassword": "1234Acd"
}
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| currentPassword | string | Yes | The user's current password |
| newPassword | string | Yes | The new password to set |
Headers
| Name | Type | Required | Description |
|---|---|---|---|
| Authorization | string | Yes | Bearer token from login |
Response
Success (200 OK)
{
"message": "Password changed successfully"
}
Error (400 Bad Request)
{
"error": "Invalid current password",
"message": "The current password provided is incorrect"
}
Error (401 Unauthorized)
{
"error": "Authentication required",
"message": "Invalid or missing authentication token"
}
Using the Authentication Token
Once you have obtained an authentication token, you must include it in all subsequent API requests in the Authorization header as a Bearer token:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Token Expiration
Authentication tokens are valid for 7 days after issuance. After expiration, you'll need to request a new token by calling the login endpoint again.
Security Best Practices
- Never expose authentication tokens in client-side code
- Store tokens securely on your server
- Implement proper error handling for expired or invalid tokens
- Do not share tokens between different applications or users
Example Usage
JavaScript/Node.js
// Login and obtain a token
async function login(username, password) {
const response = await fetch("https://nuxera.cloud/api/auth/login", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
username,
password,
}),
});
const data = await response.json();
if (!response.ok) {
throw new Error(data.message || "Authentication failed");
}
// Store the token for future API calls
return data.token;
}
// Use the token for an API request
async function makeAuthenticatedRequest(token, endpoint) {
const response = await fetch(`https://nuxera.cloud${endpoint}`, {
headers: {
Authorization: `Bearer ${token}`,
"Content-Type": "application/json",
},
});
return await response.json();
}
// Example usage
async function main() {
try {
const token = await login("doctor.smith", "secure-password");
const result = await makeAuthenticatedRequest(token, "/api/transcribe");
console.log("API response:", result);
} catch (error) {
console.error("Error:", error.message);
}
}
Python
import requests
# Login and obtain a token
def login(username, password):
response = requests.post(
'https://nuxera.cloud/api/auth/login',
json={
'username': username,
'password': password
}
)
data = response.json()
if response.status_code != 200:
raise Exception(data.get('message', 'Authentication failed'))
return data['token']
# Use the token for an API request
def make_authenticated_request(token, endpoint):
response = requests.get(
f'https://nuxera.cloud{endpoint}',
headers={
'Authorization': f'Bearer {token}',
'Content-Type': 'application/json'
}
)
return response.json()
# Example usage
try:
token = login('doctor.smith', 'secure-password')
result = make_authenticated_request(token, '/api/transcribe')
print('API response:', result)
except Exception as e:
print('Error:', str(e))
cURL
# Login and obtain a token
curl -X POST 'https://nuxera.cloud/api/auth/login' \
-H 'Content-Type: application/json' \
-d '{
"username": "doctor.smith",
"password": "secure-password"
}'
# Example response
# {
# "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
# "user": {
# "id": "user-123456",
# "username": "doctor.smith",
# "email": "doctor.smith@example.com",
# "role": "physician"
# }
# }
# Use the token for an API request
curl -X GET 'https://nuxera.cloud/api/transcribe' \
-H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' \
-H 'Content-Type: application/json'
Next Steps
Now that you understand how to authenticate with the Nuxera AI API, proceed to:
- Transcription API - Learn how to transcribe medical consultations
- Dictation API - Learn how to process medical dictations