这对我有用:

curl -XPOST -v -H 'Content-Type: application/json' http://domain/api/v1/auth/sign_in -d '{"email": "email@domain.com", "password": "password" }

所以我得到了回复(如下所示，只是重要的部分):

So I get back the response (something like below, only important part) :

< access-token: lW1c60hYkRwAinzUqgLfsQ
< token-type: Bearer
< client: W_xCQuggzNOVeCnNZbjKFw
< expiry: 1426610121
< uid: email@domain.com

然后我可以验证令牌，使用之前从上述请求中获得的客户端和令牌，我这样做:

Then I can validate the token, using the client and token previously obtained from the above request, I do it like this :

curl -XGET -v -H 'Content-Type: application/json' -H 'access-token: lW1c60hYkRwAinzUqgLfsQ' -H 'client: W_xCQuggzNOVeCnNZbjKFw' -H "uid: email@domain.com" http://domain/api/v1/auth/validate_token

结果:

{"success":true,"data":{"id":3,"provider":"email","uid":"email@domain.com","firstname":null,"lastname":null,"email":"email@domain.com"}}