If you try to access the API via the button below without logging in first (i.e. without obtainined a jwt access or refresh token) it will return a 401 error as the API endpoint is protected via OAuth authorization. This implementation uses jwt access and refresh tokens. Access token is kept in browser memory and expires after 30 seconds, refresh token remains valid for one week and is stored in httpOnly cookie to allow access to api even after a page reload.