Authentication API (Login API)

Tellius provides backend APIs that allow advanced custom development, full UI control, and tight integration into your applications. Before calling any secured Tellius API (such as Insights APIs or Search APIs), you must first authenticate and obtain a temporary access token.

Endpoint

POST https://<your-tellius-domain>/api/auth/login

curl 'https://qa1.dev.tellius.com/api/auth/login' \
  -H 'sec-ch-ua-platform: "macOS"' \
  -H 'Referer: https://qa1.dev.tellius.com/login' \
  -H 'sec-ch-ua: "Google Chrome";v="135", "Not-A.Brand";v="8", "Chromium";v="135"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'csrf: 2rp6y9fqnek' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36' \
  -H 'Accept: application/json, text/plain, */*' \
  -H 'Content-Type: application/json' \
  --data-raw '{"username":"<your_username>","password":"<your_password>"}'

Request example

{
  "username": "your_username",
  "password": "your_password"
}

Response example

{
 "id": "ba8bbdae-561c-4fff-aba4-33d12941243c",
 "message": "Login successful",
 "token": "<your_token_here>"
}

Session-based vs Token-based Authentication

When calling the Login API, you can optionally include a "session": true parameter in the request body.

Tellius server creates a session and manages authentication via cookies. This is recommended for browser-based apps where automatic cookie handling is preferred. No need to manually send Authorization header after login.

If omitted, by default, Tellius returns a JWT access token. Recommended for mobile apps, API integrations, where you must manually send the JWT in the Authorization: Bearer <token> header for each API call.