All of our new endpoints are authenticated using JWT (JSON Web Tokens). JWT.io is the industry standard for authentication tokens using RFC 7519. Please note that JWT will expire in 24 hours. Jump over to JWT.io to learn more about JSON Web Tokens.
The preferred way to authenticate with the Terminal API is by adding an
Authorization header containing your access token to the requests:
|Authorization: Bearer YOUR_JWT_TOKEN
Each JWT can be decoded at JWT.io to see what information the token contains. The token has 3 parts: header, payload, and signature. The header shows the algorithm and token type; the payload shows your grants, role, user information, and domain; the signature contains the base64 encoded value of (header + payload + API secret)
Learn more about JSON Web Tokens
Curious about JWTs? Click here to learn about what they are and how they are used.