Authentication
User sessions use Laravel Sanctum personal access tokens. Pass the token as Authorization: Bearer <token> on protected routes.
Login
Use login (email or username), not email — same as mobile and studio.
curl -s -X POST "https://api.vroxify.com/api/v1/auth/login" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "X-Platform: vroxify" \
-d '{"login":"[email protected]","password":"your-password"}'Cross-app sign-in
When you open the developer portal from vroxify.com while signed in, Vroxify passes your session via /auth/handoff?token=…. Tokens are stored per subdomain in localStorage as vx_dev_token.
Platform header
Always include on auth and data requests:
X-Platform: vroxify
Base URL
https://api.vroxify.com/api/v1
Headers summary
- Accept: application/json
- Content-Type: application/json
- X-Platform: vroxify
- Authorization: Bearer <token>