Authentication
DotHack uses AINative Studio as its identity provider. No separate registration is needed.
Auth Methods
| Method | Header | Use Case |
|---|---|---|
| JWT Bearer Token | Authorization: Bearer <token> | Frontend apps, user sessions |
| API Key | X-API-Key: <key> | Server-to-server, CI/CD, agents |
Login
Exchange your AINative email/password for JWT tokens:
POST /api/v1/auth/login
Content-Type: application/json
{
"email": "you@example.com",
"password": "your-ainative-password"
}
Response (200):
{
"tokens": {
"access_token": "eyJhbGciOiJIUzI1NiIs...",
"refresh_token": "eyJhbGciOiJIUzI1NiIs...",
"token_type": "bearer"
},
"user": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"email": "you@example.com",
"name": "Your Name"
}
}
Error (401):
{
"error": {
"status_code": 401,
"message": "Invalid email or password"
}
}
Refresh Token
When your access token expires, use the refresh token to get a new one:
POST /api/v1/auth/refresh
Content-Type: application/json
{
"refresh_token": "eyJhbGciOiJIUzI1NiIs..."
}
Response (200): Same format as login response with new tokens.
Get Current User
Verify your token and get your profile:
GET /api/v1/auth/me
Authorization: Bearer YOUR_ACCESS_TOKEN
Response (200):
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"email": "you@example.com",
"name": "Your Name",
"email_verified": true
}
Using API Keys
For server-to-server integrations, pass your AINative API key in the X-API-Key header:
curl https://dothack.ainative.studio/api/v1/hackathons \
-H "X-API-Key: sk_your_ainative_api_key"
API keys take precedence over Bearer tokens when both are provided.
Error Codes
| Status | Meaning |
|---|---|
| 401 | Invalid or expired token / API key |
| 403 | Insufficient permissions |
| 429 | Rate limit exceeded |
| 503 | AINative auth service unavailable |
| 504 | AINative auth service timeout |
Roles
DotHack uses role-based access control within hackathons:
| Role | Capabilities |
|---|---|
| ORGANIZER | Full control over the hackathon. Manage tracks, prizes, participants, judging. |
| BUILDER | Join teams, create submissions, upload files. |
| JUDGE | Score submissions, view assignments, access rubrics. |
| MENTOR | View participants and submissions, provide guidance. |
Roles are assigned per-hackathon in the hackathon_participants table.