API Tokens

Exchange your API key for a bearer token.

Exchange the client id + secret of a key you created in your Xental dashboard for a short-lived bearer token, then send it as Authorization: Bearer <token> on every API call.

Tokens are short-lived (~1h)

Re-request a token when it expires. Server integrations typically cache it and refresh on 401.

Mode is baked into the token

A key's test/live mode travels inside its tokens, so calls always run against the matching environment. Create and manage keys in your Xental dashboard.
post/api/v1/auth/token

Exchange client credentials for a short-lived JWT access token.

Public

Body parameters

clientIdstringoptional
clientSecretstringoptional

Responses

200OK401Unauthorized
POST /api/v1/auth/token
curl -X POST "https://api.xental.online/api/v1/auth/token"