Authentication API (Login API)

Tellius provides backend APIs that allow advanced custom development, full UI control, and tight integration into your applications. Before calling any secured Tellius API (such as Insights APIs or Search APIs), you must first authenticate and obtain a temporary access token.

Endpoint

POST https://<your-tellius-domain>/api/auth/login
curl 'https://qa1.dev.tellius.com/api/auth/login' \
  -H 'sec-ch-ua-platform: "macOS"' \
  -H 'Referer: https://qa1.dev.tellius.com/login' \
  -H 'sec-ch-ua: "Google Chrome";v="135", "Not-A.Brand";v="8", "Chromium";v="135"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'csrf: 2rp6y9fqnek' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36' \
  -H 'Accept: application/json, text/plain, */*' \
  -H 'Content-Type: application/json' \
  --data-raw '{"username":"<your_username>","password":"<your_password>"}'

Replace <your_username> and <your_password> with your Tellius login credentials. Make sure the csrf header is passed (usually found in the page source when you are logged into Tellius).

Request example

{
  "username": "your_username",
  "password": "your_password"
}

Response example

{
 "id": "ba8bbdae-561c-4fff-aba4-33d12941243c",
 "message": "Login successful",
 "token": "<your_token_here>"
}

Session-based vs Token-based Authentication

When calling the Login API, you can optionally include a "session": true parameter in the request body.

Tellius server creates a session and manages authentication via cookies. This is recommended for browser-based apps where automatic cookie handling is preferred. No need to manually send Authorization header after login.

If omitted, by default, Tellius returns a JWT access token. Recommended for mobile apps, API integrations, where you must manually send the JWT in the Authorization: Bearer <token> header for each API call.

Was this helpful?