Moonbase Documentation

Authentication

Exchange credentials for a JWT and apply it to secured endpoints.

Keep credentials off the client

Only call the authentication endpoint from trusted environments. Avoid storing raw passwords in client code.

Login flow

Copy your public API key from the console output on first startup.
Send credentials to POST /api/auth/user.
Store the JWT from status_data.jwt securely.
Attach Authorization and Token headers to user scoped requests.

Request body

Prop

Type

{
  "username": "your_username",
  "password": "your_password",
  "hwid": "optional_hwid"
}
{
  "status_message": "USER_LOGGED_IN",
  "status_overview": "success",
  "status_code": 200,
  "status_data": {
    "user": "your_username",
    "jwt": "<token>"
  }
}

Example request

curl -X POST "https://your-moonbase-host/api/auth/user" \
  -H "Content-Type: application/json" \
  -d '{
    "username": "your_username",
    "password": "your_password",
    "hwid": "optional_hwid"
  }'

Moonbase API

Authenticate users, fetch profile data, and download files.

User profile

Fetch profile data for the authenticated user.

On this page

Login flow
Request body
Example request