API Tokens
Exchange your API key for a bearer token.
Exchange the client id + secret of a key you created in your Xental dashboard for a short-lived bearer token, then send it as Authorization: Bearer <token> on every API call.
Tokens are short-lived (~1h)
Re-request a token when it expires. Server integrations typically cache it and refresh on
401.Mode is baked into the token
A key's
test/live mode travels inside its tokens, so calls always run against the matching environment. Create and manage keys in your Xental dashboard.post
/api/v1/auth/tokenExchange client credentials for a short-lived JWT access token.
Public
Body parameters
clientIdstringoptionalclientSecretstringoptionalResponses
200OK401Unauthorized
POST /api/v1/auth/token
curl -X POST "https://api.xental.online/api/v1/auth/token"