How to obtain an access token.

Generation of the Access Token 🔐

  • To obtain an access token, you need to provide your API key and API secret through a request to the endpoint /api/auth/apikey.
url = ""
payload = {
    "api_key": "12345..."
    "api_secret": "678910..."
headers = {
    "accept": "application/json",
    "content-type": "application/json"
response =, json=payload, headers=headers)
  • The API key and secret combination serves as the credentials for authentication.
    Upon successful authentication, the server generates an access token, which is included in the response.
  "access_token": "abcdefg...",
  "id_token": "opqrstwxyz...",
  "expires_in": 3600,
  "token_type": "Bearer"


Access Token expiration time

The token's expiration time is set to 3600 seconds (or 60 minutes), please don't forget to update it regularly.

Elements of the Access Token

  • access_token: A time-limited token that authorizes the bearer to access protected resources. It needs to be included in the headers of subsequent API requests.
  • id_token: A JSON Web Token (JWT) containing information about the user and the authentication event.
  • expires_in: The duration (in seconds) for which the access token is valid.
  • token_type: The type of token, in this case, "Bearer."


Why do I need an access token?

  • The access token serves as a bearer token, allowing the bearer (the user or application) to access other protected endpoints on the API.
  • It acts as a form of authorization, indicating that the bearer has been authenticated and has the necessary permissions to perform specific actions.