Guides
Start typing to search…

Authentication

Authentication

Sensos API uses JWT token authentication to secure your requests. Follow the instructions below to generate and use the JWT token.

Generating JWT Token

To authenticate with the Sensos API, you need to generate a JWT token by sending a POST request with your tenant ID, application ID, and application secret.

URL

POST https://<baseUrl>/v1/applications/token

Request Body

{
  "tenantId": "<tenantId>",
  "applicationId": "<applicationId>",
  "applicationSecret": "<applicationSecret>"
}

Response

The response will include the access token and the expiration time. Currently, the token expires after 1 day.

{
  "accessToken": "<accessTokenJwtFormat>",
  "expiresIn": <tokenExpirationPeriodInSeconds>
}

Example Request using curl

curl -X POST "https://<baseUrl>/v1/applications/token" \
     -H "Content-Type: application/json" \
     -d '{
           "tenantId": "yourTenantId",
           "applicationId": "yourApplicationId",
           "applicationSecret": "yourApplicationSecret"
         }'

Using the JWT Token

Once you have obtained the JWT token, include it in the Authorization header of your subsequent API requests. The token should be prefixed with the word Bearer, followed by a space.

Example

curl -X GET "https://<baseUrl>/v1/endpoint" \
     -H "Authorization: Bearer <accessTokenJwtFormat>" \
     -H "Content-Type: application/json"

Error Handling

If authentication fails, the API will return a 401 Unauthorized status code. This typically happens if the token is missing, invalid, or expired.

Example Error Response

{
  "error": "Unauthorized",
  "message": "Invalid or expired access token"
}

Best Practices

  • Keep It Secret: Never expose your JWT token or application secrets in publicly accessible areas such as client-side code, GitHub repositories, or forums.
  • Use Environment Variables: Store your JWT token and application secrets in environment variables rather than hard-coding them into your application.

Token Expiration

Tokens are valid for 10 hours. Make sure to refresh your token before it expires to avoid authentication issues.

This updated authentication page reflects the specific details of generating and using JWT tokens for your API. Let me know if you need any further adjustments!

Updated 2 months ago