REST API v1 JSON · JWT Auth

API Documentation

Base URL: https://examrankers.com/api/

Overview
Authentication Error Codes Rate Limits
Auth
POST /auth/login GET /auth/me
Blog
GET /blog GET /blog/:slug
Admin
Admin Blog CRUD Admin Settings Testimonials FAQs

Authentication

ExamRankers uses JWT (JSON Web Token) Bearer authentication for all admin endpoints. Public endpoints (blog list, testimonials, FAQs) require no authentication.

Getting a token
POST /api/auth/login // Request body { "email": "admin@yoursite.com", "password": "your_password" } // Response 200 { "success": true, "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "admin": { "id": 1, "name": "Admin", "email": "admin@yoursite.com" } }
Using the token
// Pass the JWT in the Authorization header Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
JavaScript example
const token = localStorage.getItem('er_token'); const res = await fetch('/api/admin/blog', { method: 'GET', headers: { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' } }); const data = await res.json();

Error Codes

StatusCodeMeaning
200 OK Request succeeded
201 Created Resource created successfully
400 Bad Request Missing or invalid request body
401 Unauthorized Missing or invalid JWT token
403 Forbidden Valid token but insufficient permissions
404 Not Found Resource does not exist
422 Unprocessable Validation failed — check field errors in response
500 Server Error Unexpected error — contact support

Rate Limits

API requests are rate-limited per IP address. Response headers include your current usage.

X-RateLimit-Limit: 120 X-RateLimit-Remaining: 117 X-RateLimit-Reset: 1719000000
120 req / minute
Public endpoints
60 req / minute
Admin endpoints
10 req / minute
Auth endpoints

Endpoints

Blog (Public)
GET GET /api/blog

List published blog posts  ·  ?limit=10&offset=0&category=Tips

GET GET /api/blog/:slug

Get a single post by slug

GET GET /api/testimonials

List published testimonials

GET GET /api/faqs

List published FAQs

GET GET /api/settings

Get public site settings

Admin — Blog JWT Required
GET GET /api/admin/blog

List all blog posts (inc. drafts)

POST POST /api/admin/blog

Create a new blog post

GET GET /api/admin/blog/:id

Get a single post by ID

PUT PUT /api/admin/blog/:id

Update a post

DELETE DELETE /api/admin/blog/:id

Delete a post

POST /api/admin/blog — Request body
{ "title": "My Blog Post Title", // required "content": "<p>HTML content here</p>", // required "excerpt": "Short summary", // optional "category": "Tips", // optional "cover_image":"https://...", // optional "status": "published" // "published" | "draft" }
Admin — Settings JWT Required
GET GET /api/admin/settings

Get all site settings as key→value object

PUT PUT /api/admin/settings

Update settings. Send any subset of keys to update only those fields.

Need help integrating?

Our team can help you connect ExamRankers to your systems.

Contact Support →