All endpoints (except /api/auth/login, /api/auth/register and the public
GET /api/share/:shareId) require a Bearer token in the
Authorization header.
You have two ways to obtain a token:
# 1) Short-lived (24h) token via username + password
curl -X POST https://echov.projectsndev.com/api/auth/login \
-H "Content-Type: application/json" \
-d '{"username":"YOUR_USERNAME","password":"YOUR_PASSWORD"}'
# 2) Long-lived API token (after logging in once)
curl -X POST https://echov.projectsndev.com/api/auth/generate-api-token \
-H "Authorization: Bearer SHORT_LIVED_TOKEN"
Then send the token with every call:
Authorization: Bearer YOUR_TOKEN.
Click the green Authorize button below to test endpoints right in this page.
Most state-mutating endpoints (color, cube, lightbeam, label, model transform) also broadcast a WebSocket message via the central WSS server, so anyone viewing your scene (your own browser sessions or your shared / iframed pages) updates instantly without polling.