Authentication using JWT

All of our new endpoints are authenticated using JWT (JSON Web Tokens). is the industry standard for authentication tokens using RFC 7519. Please note that JWT will expire in 24 hours. Jump over to to learn more about JSON Web Tokens.

Using JWTs in your code

The preferred way to authenticate with the Terminal API is by adding an Authorization header containing your access token to the requests:

Authorization: Bearer YOUR_JWT_TOKEN

Each JWT can be decoded at to see what information the token contains. The token has 3 parts: header, payload, and signature. The header shows the algorithm and token type; the payload shows your grants, role, user information, and domain; the signature contains the base64 encoded value of (header + payload + API secret)

Learn more about JSON Web Tokens

Curious about JWTs? Click here to learn about what they are and how they are used.