Using Tokens
The JWT token is a key component of secure interaction with the Nova Post API.
Last updated
The JWT token is a key component of secure interaction with the Nova Post API.
Request Authorization Every API request must include a valid token in the header to confirm access rights.
Client Verification The token verifies that the request originates from an authorized party.
Data Protection The token helps prevent unauthorized access to sensitive information.
Format:
The token is implemented in the JWT (JSON Web Token) format and consists of three parts: header, payload, signature.
A JWT has a standard structure that looks like the following: eyJhbGciOiJIU5cCI6IkpXVCJ9.eyJpc3MiOiJDkyfQ.SflKxwRJSMeKKF
Security:
The token must be kept secure and must not be shared with third parties, as it grants access to the API.
HTTPS is used to ensure secure transmission of tokens.
Tokens are required for the following Nova Post API endpoints:
More information about Nova Post API endpoints
Each token is valid only for the specific API key used to generate it.
The token is valid for one hour. After expiration, a new token must be obtained to continue interacting with the API.
The maximum number of active sessions (tokens) per account may be limited by the system for security purposes.
Usage RecommendationsRefresh tokens regularly. Monitor the token expiration time and always obtain a new token before sending requests if the previous one has expired.
Protect your API key and token. Do not share your API key or token. Always use HTTPS for all requests to prevent data interception.
Monitor token usage. Track token usage to prevent system overload and mitigate potential security threats.
Last updated