The JWT token is a key component for secure interaction with Nova Post API.

What the token is used for:

• 1
  Authorization of requests. Each request to the API must contain a valid token in the header to confirm access rights.
• 2
  Client verification. The token confirms that the request came from an authorized person.
• 3
  Data protection. It prevents unauthorized access to confidential information.

Token characteristics

Format:

• 1
  The token is implemented in the JWT (JSON Web Token) format, consisting of three parts: header, payload, and signature.
• 2
  JWT has a standard structure that looks like

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJucCIsInN1YiI6IjEyMyIsImlhdCI6MTUxNjIzOTAyMiwiZXhwIjoxNTE2MjM5MDkyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

Security: 

• 1
  The token must be protected and not shared with third parties, as it grants access to the API.
• 2
  HTTPS is used to secure token exchanges.
  

Request Endpoints:

Tokens are used for the following Nova Post API endpoints:

• 1
  https://api.novaposhta.ua/v.1.0/
• 2
  https://api.novapost.com/v.1.0/

Token Limitations

• 1
  Each token is valid only for the specific API key with which it was generated.
• 2
  The token is valid for one hour. After this period, a new token must be obtained to continue interacting with the API.
• 3
  The maximum number of active sessions (tokens) for a single account may be limited by the system for security purposes.

Usage Recommendations

• 1
  Regularly refresh the token. Monitor the token's expiration time and always obtain a new token before making requests if the previous token has expired.
• 2
  Protect your API key and token. Do not disclose the API key and token, and use HTTPS for all requests to avoid data interception.
• 3
  Track token usage to prevent system overload and potential attacks.
  

To home page