API Reference

🔐 Authentication

Login

These steps will help you maintain access to the API:

  • Make Login request, obtain Access Token and Refresh Token.
  • Store tokens securely in your application.
  • Use Access Token to access The Giving Block API endpoints. Please note that the Access Token has limited lifetime of 2 hours.
  • During any request if you receive an error response with code EXPIREDJWTTOKEN please make a RefreshTokens request to obtain a new pair of _Access and Refresh Tokens.

As a fallback or in case a Refresh Token is lost - make a Login request again.

🚧

If you suspect that the Refresh Token has been compromised - please contact The Giving Block ([email protected]) team to revoke the Refresh Token. Please note that Access Token will be invalidated automatically after its expiration time.

After you’ve obtained Access Token it needs to be passed along with API requests as a header for authentication purposes.

Passing Access Token

API uses Bearer authentication (also called “token authentication”) therefore Access Token should be passed in a Authorization Header with a Bearer prefix, example:

Authorization: Bearer YOUR_ACCESS_TOKEN

Example:

if your Access Token is abcdef123456 then token should be passed like this

curl --request GET  
  --url <https://public-api.tgbwidget.com/v1/organization/99>  
  --header 'Authorization: Bearer abcdef123456'