Skip to main content
POST
Auth Token
Exchange your API key for a short-lived JWT token. Use this token in the Authorization header for all protected endpoints.

Request

X-API-Key
string
required
Your API key, provided during Account Setup. Format: eval-api-key-<unique-hash>
Content-Type
string
required
Must be application/json

Response

access_token
string
required
JWT token to include in the Authorization: Bearer header on subsequent requests
token_type
string
required
Always "bearer"
expires_in
integer
required
Token lifetime in seconds. Default: 7200 (2 hours)

Example Request

Example Response

Error Responses

401 — Missing API Key

401 — Invalid API Key

Notes

  • Tokens expire in 2 hours (7200 seconds). Request a new token before expiry.
  • Tokens cannot be refreshed or extended.
  • Store tokens securely. Never expose API keys in client-side code.