Powered by Redocly

Authentication

This section describes how to authenticate with the Crymbo API.

generate-JWT

Generates a JWT token, requiring the API key and API secret. The JWT token is valid for 30 minutes. If the token expires, you will need to generate a new one. Each subsequent API request will require an Authorization token in the header.

If you are a new customer and do not have an API key and secret, please contact Emile Davidson at emile@crymbo.com. For existing customers, please contact your assigned account manager.

Request
Request Body schema: application/json
required
api_key
string

Your unique API key provided by Crymbo.

api_secret
string

Your secret API key provided by Crymbo.

username
string

Username for which the JWT token is being generated.

Responses
200

JWT Token successfully generated.

400

Bad Request - Invalid API Key or Secret.

401

Unauthorized - Invalid or missing API Key/Secret.

post/auth/login/jwt
Request samples
application/json
{
  • "api_key": "your-api-key",
  • "api_secret": "your-api-secret",
  • "username": "user123"
}
Response samples
application/json
{
  • "iss": "<string>",
  • "iat": 543823,
  • "exp": 113987,
  • "type": "Bearer",
  • "token": "<token>"
}

Validate-JWT-token

Validates the provided JWT token to ensure it is authentic and not expired. The Authorization header should contain the JWT token.

SecurityAuthorization
Request
header Parameters
Authorization
required
string

JWT token in the Authorization header.

Example: Bearer <JWT token>
Responses
200

The JWT token is valid.

401

Unauthorized - Invalid or expired JWT token.

403

Forbidden - Insufficient permissions to access the resource.

500

Internal Server Error - Unexpected issue occurred.

post/auth/login/jwt/validate
Response samples
application/json
{
  • "message": "Valid JWT Token",
  • "valid": true
}
➔ Next to Balances