Changes

stoney core: REST API

953 bytes removed, 08:57, 30 December 2013
/* Auth action */
=== Input validations ===
The service validates all input it receives from a client and returns a <code>422</code> (Unprocessable Entity) HTTP [[#Error_codes_and_responses|error code with a descriptive error object]].
 
=== Auth action ===
 
To let a client verify a username and password, a pseudo-resource is provided; the only method implemented is <code>GET</code>.
 
==== Auth retrieval (GET) ====
 
===== Auth retrieval (GET) example =====
To verify the authentication, the client sends an HTTP <code>GET</code> request to the auth resource URI <code>https://api.example.com/v1/auth</code>.
The service responds with an HTTP status code:
* 200 (OK) on success
* 401 (Unauthorized) on authentication failure
* 429 (Too Many Requests)
 
The service must never return <code>403</code> or a similar status, to avoid attacks that try to figure out which users exist and which do not.
 
'''Request''':
<pre>
GET /v1/auth/ HTTP/1.1
HOST: api.example.com
AUTHORIZATION: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Accept: application/json
</pre>
 
'''Answer''':
<pre>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</pre>
(no content for now)
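
The status-code rule above (only 200, 401 or 429, and the same 401 for unknown users and wrong passwords) can be sketched as follows. This is an added example, not code from the stoney core project; the user store, the PBKDF2 parameters, the per-client failure limit and the function name <code>auth_status</code> are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os
import time
from typing import Optional

ITERATIONS = 100_000   # assumed PBKDF2 work factor
MAX_FAILURES = 5       # assumed: failed attempts allowed per client per window
WINDOW = 60.0          # assumed window length in seconds

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

# Constructed sample user store: username -> (salt, password hash)
_SALT = os.urandom(16)
USERS = {"Aladdin": (_SALT, _hash("open sesame", _SALT))}
# Dummy record: unknown usernames cost the same hashing work as known ones
_DUMMY = (os.urandom(16), os.urandom(32))
_failures = {}  # client id (e.g. source address) -> timestamps of recent failures

def auth_status(authorization: Optional[str], client: str,
                now: Optional[float] = None) -> int:
    """Return the HTTP status for GET /v1/auth: only 200, 401 or 429."""
    now = time.monotonic() if now is None else now
    recent = [t for t in _failures.get(client, []) if now - t < WINDOW]
    _failures[client] = recent
    if len(recent) >= MAX_FAILURES:
        return 429  # throttled before any credential is examined
    try:
        scheme, _, token = (authorization or "").partition(" ")
        if scheme.lower() != "basic":
            raise ValueError("unsupported scheme")
        decoded = base64.b64decode(token, validate=True).decode("utf-8")
        username, sep, password = decoded.partition(":")
        if not sep:
            raise ValueError("missing colon")
        salt, expected = USERS.get(username, _DUMMY)
        candidate = _hash(password, salt)
        # Constant-time compare; the random dummy hash never matches
        ok = hmac.compare_digest(candidate, expected) and username in USERS
    except ValueError:  # also covers bad base64 and bad UTF-8
        ok = False
    if ok:
        return 200
    recent.append(now)  # same list object as stored in _failures[client]
    return 401          # identical answer for unknown user and wrong password
```

The failure counter is keyed on the client rather than the username, so the 429 response does not depend on whether the account exists.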
=== Reseller resource ===
SLB, editor, reviewer