The JWT token is a key component for secure interaction with Nova Post API.

What the token is used for:

• Authorization of requests. Each request to the API must contain a valid token in the header to confirm access rights.
• Client verification. The token confirms that the request came from an authorized person.
• Data protection. It prevents unauthorized access to confidential information.

Token characteristics

Format:

• The token is implemented in the JWT (JSON Web Token) format, consisting of three parts: header, payload, and signature.
• JWT has a standard structure that looks like

Security: 

• The token must be protected and not shared with third parties, as it grants access to the API.
• HTTPS is used to secure token exchanges.
  

Request Endpoints:

Tokens are used for the following Nova Post API endpoints:

• https://api.novaposhta.ua/v.1.0/
• https://api.novapost.com/v.1.0/

Token Limitations

• Each token is valid only for the specific API key with which it was generated.
• The token is valid for one hour. After this period, a new token must be obtained to continue interacting with the API.
• The maximum number of active sessions (tokens) for a single account may be limited by the system for security purposes.

Usage Recommendations

• Regularly refresh the token. Monitor the token's expiration time and always obtain a new token before making requests if the previous token has expired.
• Protect your API key and token. Do not disclose the API key and token, and use HTTPS for all requests to avoid data interception.
• Track token usage to prevent system overload and potential attacks.
  

To home page