Version: 1.0.0
AndroidNexus API
The AndroidNexus API enables programmatic management of your Android device fleet.
Authentication
AndroidNexus uses cookie-based JWT authentication with CSRF protection.
Login Flow
- Login to get session cookies and CSRF token:
curl -X POST https://api.devicenexus.ai/api/v1/auth/login \
-H "Content-Type: application/json" \
-c cookies.txt \
-d '{"email": "admin@company.com", "password": "your-password"}'
- Extract CSRF token from the login response:
{
"status": "success",
"data": {
"csrf_token": "abc123...",
"expires_in": 86400
}
}
- Include cookies and CSRF token in subsequent requests:
curl -X POST https://api.devicenexus.ai/api/v1/devices/{id}/commands \
-b cookies.txt \
-H "Content-Type: application/json" \
-H "X-CSRF-Token: abc123..." \
-d '{"command_type": "lock_device"}'
CSRF Protection
- GET requests: Only require session cookie
- POST/PUT/DELETE requests: Require both session cookie AND
X-CSRF-Tokenheader
Response Format
All responses follow this structure:
Success:
{
"status": "success",
"data": { ... }
}
Error:
{
"status": "error",
"error": "Error message"
}
Pagination
List endpoints support pagination:
| Parameter | Default | Description |
|---|---|---|
page | 1 | Page number (starts at 1) |
limit | 50 | Items per page (max 100) |
Response includes pagination metadata:
{
"data": {
"devices": [...],
"pagination": {
"page": 1,
"limit": 50,
"total": 150,
"total_pages": 3,
"has_next": true,
"has_prev": false
}
}
}
Authentication
- API Key: cookieAuth
- API Key: csrfToken
HttpOnly JWT cookie (set after login)
Security Scheme Type: | apiKey |
|---|---|
Cookie parameter name: | access_token |
CSRF token (required for POST/PUT/DELETE)
Security Scheme Type: | apiKey |
|---|---|
Header parameter name: | X-CSRF-Token |