Generate JWT Token

Overview

This endpoint authenticates clients by their client-id and client-secret, and generates a JWT (JSON Web Token) for authorized access to secured endpoints. The JWT should be included in the Authorization header of subsequent API requests.

HTTP Request

GET : /auth/jwt

Request Headers

Header
Description

client-id

The unique identifier for the client.

client-secret

The secret key associated with the client-id, used for authentication.

Response

Upon successful authentication, the server responds with a JWT in the Authorization header of the response.

Response Headers

Header
Description

Authorization

The JWT prefixed with Bearer , e.g., Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Sample Response Header

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Status Codes

The endpoint returns the following status codes:

Status Code
Description

200

OK - The request has succeeded and the JWT is provided in the Authorization header of the response.

400

Bad Request - The request is invalid or missing required headers.

403

Unauthorized - The provided client-id or client-secret is invalid.

500

Internal Server Error - We had a problem with our server. Try again later.

Example Request

Using curl to make a request to generate a JWT:

curl -X POST "{{base_url}}/auth/jwt" \
     -H "client-id: YOUR_CLIENT_ID" \
     -H "client-secret: YOUR_CLIENT_SECRET"

Notes

  • The generated JWT is valid for a specific period (1 hour). After it expires, you will need to request a new token using this endpoint.

  • Ensure the security of your client-secret. Do not expose it in client-side code or in environments where unauthorized users can access it.

Usage in subsequent calls

Use the generated JWT in all the other calls as it was provided in the generation api

  • Header name: Authorization

  • Prefix the token with Bearer

PreviousAuthenticationNextProtected Resources

Last updated