2️⃣Authentication

This step assumes you have successfully obtained your API credentials following API Credentials and are ready to go.

This step is not strictly required if you are using our Postman collection as authentication is done automatically on every request provided that correct API credentials are set in your Postman environment.

As stated in Authentication section of our API integration guide, in order to access any API endpoint you need to obtain a JWT token using your previously issued credentials.

Initial Authentication

post

Retrieve authentication token using API credentials

Body
apiKeystring Β· uuidRequired

Unique API key used to identify your API integration. Note this can be different for live and sandbox environments

Example: d04953b7-5878-4fd0-8970-0a5f77fbce59
apiSecretstringRequired

API secret

Example: 64ec977db2e585887c80ed62fe9997994aed8093
Responses
200
Successful operation
application/json
post
POST /v1/auth/token HTTP/1.1
Host: api.offblocks.xyz
Content-Type: application/json
Accept: */*
Content-Length: 104

{
  "apiKey": "d04953b7-5878-4fd0-8970-0a5f77fbce59",
  "apiSecret": "64ec977db2e585887c80ed62fe9997994aed8093"
}
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "expiresAt": 1699974342,
  "tokenType": "Bearer"
}

If your request was successful, you will receive a token as part of response, together with its expiration timestamp (by default all tokens expire after 1 hour).

You can now use a valid token to make requests to other endpoints of the API by providing it as an Authorization header in a following way:

Authorization: "Bearer <token>"

// For example 
// Authorization: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MDE1MjY4NTUsIklkIjoiZGZjMTU3MzAtZGI2Zi00MjY1LWE3NjgtNjQ2ODhlNzE4NjA3IiwiR2VuZXJhdGlvbiI6MH0.326XVPWFcc_Z6zg0rCZ5NLou1Mxmql_Ri0r0vD8R4ko"

If you want to change your API credentials, you can make an authenticated request to the following endpoint. Please note, all previously issued tokens will become invalid.

Update API credentials

put

Add or update API credentials. If credentials are updated this action invalidates all issued tokens and active sessions

Authorizations
Body
apiKeystring Β· uuidRequired

Unique API key used to identify your API integration. Note this can be different for live and sandbox environments

Example: d04953b7-5878-4fd0-8970-0a5f77fbce59
apiSecretstringRequired

API secret

Example: 64ec977db2e585887c80ed62fe9997994aed8093
Responses
204
Successful operation
put
PUT /v1/auth/credentials HTTP/1.1
Host: api.offblocks.xyz
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 104

{
  "apiKey": "d04953b7-5878-4fd0-8970-0a5f77fbce59",
  "apiSecret": "64ec977db2e585887c80ed62fe9997994aed8093"
}
No content
PreviousAPI CredentialsNextRequest Preparation

Last updated