Comment on page
🔐

Authentication Flow

These steps will help you maintain access to the API:
  1. 1.
    Make Login request, obtain Access Token and Refresh Token.
  2. 2.
    Store tokens securely in your application.
  3. 3.
    Use Access Token to access The Giving Block API endpoints. Please note that the Access Token has limited lifetime of 2 hours.
  4. 4.
    During any request if you receive an error response with code EXPIRED_JWT_TOKEN please make a RefreshTokens request to obtain a new pair of Access and Refresh Tokens.
As a fallback or in case a Refresh Token is lost - make a Login request again.
If you suspect that the Refresh Token has been compromised - please contact The Giving Block ([email protected]) team to revoke the Refresh Token. Please note that Access Token will be invalidated automatically after its expiration time.
After you’ve obtained Access Token it needs to be passed along with API requests as a header for authentication purposes.
Please see “Passing Access Token” in the API reference document for more information