/ (root)

A private application root takes a token as single query parameter. The initial token has an expiry of 10 seconds and the client will immediately try to renew its token for an client token with 120 seconds expiry.

A public application does not require a token.

A private root accessed without a valid token as query parameter will respond with a redirect to the login view.