Overview
Authentication is an essential part of securing access to the API. In our API, we use JWT (JSON Web Token) to verify the identity of users and systems accessing the API. To obtain a JWT, you must authenticate using your clientId and clientSecret. JWT is a compact, URL-safe means of representing claims to be transferred between two parties. It is used to authenticate API calls and validate that the user has the proper access privileges.Authentication Flow
To authenticate with the API, follow these steps:- Obtain your clientId and clientSecret: These credentials are provided when you register your application with the API provider. You will use these credentials to authenticate and obtain the JWT.
- Authenticate to get the JWT: Use your clientId and clientSecret to request a JWT using the Oauth Endpoint.
Important Notice
The JWT has an expiration time, so you will need to re-authenticate periodically to obtain a new token.
The JWT has an expiration time, so you will need to re-authenticate periodically to obtain a new token.
Important Notice
Treat
Treat
clientId, clientSecret and jwtToken as sensitive data:- Do not commit them in version control or expose them in logs
- Store them securely (e.g. using a secrets manager)
- Do not expose them in client-side code or share them publicly