Authentication
  • 11 Aug 2022
  • 1 Minute to read
  • Dark
    Light

Authentication

  • Dark
    Light

All services on SettleMint are secured and can only be used when authenticated. Authentication can be done in two ways.

When you log in to SettleMint, a cookie is set. If this cookie is available during the request, and your user has access to the URL you are trying to access, the request will succeed. If not, you will be redirected to the log in page, or you will receive a 401 error for API requests.

The JWT token in the cookie is a short-lived token that can also be sent using the Authentication: Bearer JWT header. This is not recommended for API integrations due to the expiry time of this token.

API keys

To authenticate in code or external tools, apps and plugins, you can create an API key.

You can use these API keys in three ways depending on what works for your use case.

  • As a header, you can use the header x-auth-token: KEY.
  • As a query parameter using https://myservice.settlemint.com/?token=APIKEY appended to any URL.
  • As the last part of the URL https://myservice.settlemint.com/APIKEY.
    • For IPFS nodes build your uri so it becomes https://myservice.settlemint.com/APIKEY/api/v0/...
    • For Avalanche and Fuji build your uri so they look like https://myservice.settlemint.com/ext/bc/C/rpc/APIKEY

Was this article helpful?

What's Next