Access and authentication

The PreCrime Platform supports two authentication methods for programmatic access:

Authentication Methods

• JWT Token - Generate a token using username and password credentials

• API Key - Use a pre-configured API key for direct access

Both methods provide secure access to the platform's API endpoints and can be used depending on your integration requirements and security preferences.

JWT Authentication

PreCrime users can generate a JSON Web Token (JWT) for authentication by providing their username and password credentials.

Token Lifecycle:

• JWT tokens expire 60 minutes after generation

• Tokens can be renewed before expiration by calling the appropriate renewal endpoint

• Tokens can be manually invalidated when no longer needed

Authentication Flow:

1. Submit valid username and password credentials

2. Receive JWT token upon successful authentication

3. Include the token in subsequent API requests

4. Renew the token before expiration or generate a new one as needed

POST /user/login HTTP/1.1
Host: api.bfore.ai
Content-Type: application/json
Accept: */*
Content-Length: 51

{
  "username": "john.doe",
  "password": "SecurePass123!"
}

{
  "Id": "12345678-1234-1234-1234-123456789abc",
  "Created": "2023-01-15T10:30:42",
  "Username": "john.doe",
  "Email": "[email protected]",
  "Firstname": "John",
  "Lastname": "Doe",
  "Properties": {
    "a": "aaa",
    "b": "bbb",
    "c": "ccc"
  },
  "Authorizations": [
    {
      "Company": {
        "Id": 1,
        "Name": "Company Inc",
        "Created": "2022-05-10T09:15:20",
        "Deleted": "0001-01-01T00:00:00"
      },
      "Roles": [
        {
          "Id": 1,
          "Name": "sys-admin"
        }
      ]
    }
  ],
  "Active": {
    "Id": 1,
    "Name": "Company Inc",
    "Created": "2022-05-10T09:15:20",
    "Deleted": "0001-01-01T00:00:00"
  },
  "Token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "PasswordExpiration": "2024-06-15T18:30:00"
}

GET /user/renew HTTP/1.1
Host: api.bfore.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

GET /user/logout HTTP/1.1
Host: api.bfore.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "message": "Success"
}

API Key authentication

To authenticate using an API key, follow these steps:

API Key Generation:

• API keys can be generated by getting in contact with us. Soon we will provide self service access to API key management within the platform.

Authentication Methods: API keys can be provided in two ways:

Option 1: Header Authentication Include the API key in the X-Authorization header:

GET https://api.bfore.ai/test/secure
X-Authorization: <API_KEY>

Option 2: Query Parameter Authentication Include the API key as a query parameter:

GET https://api.bfore.ai/test/secure?api_key=<API_KEY>

Both methods provide equivalent authentication and can be used based on your implementation preferences.

POST /authheader/add HTTP/1.1
Host: api.bfore.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 29

{
  "name": "production-api-key"
}

{
  "id": "text",
  "name": "production-api-key",
  "token": "text",
  "created": "2025-12-05T23:33:26.845Z"
}

GET /authheader/list HTTP/1.1
Host: api.bfore.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

[
  {
    "id": "text",
    "name": "production-api-key",
    "token": "text",
    "created": "2025-12-05T23:33:26.845Z"
  }
]

POST /authheader/delete HTTP/1.1
Host: api.bfore.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 15

{
  "text": "text"
}

{
  "message": "Success"
}