Authenticating API requests

The API is designed around secure sessions. Once a session is created a JWT should be signed on the client side and provided in an Authorization header.

  const { session_id, session_secret } =;
  const path = `/api/v1/session/${session_id}/accounts`;
  const bearer = jwt.encode({
    path: path,
    session_id: session_id,
  }, session_secret)

  const accountsResponse = await axios.get(`${path}`,
    headers: {
      authorization: `Bearer ${bearer}`

Last updated