Obtain JWT access token
API Reference
Authentication
Exchange API credentials for a JWT used as Authorization: Bearer <token> on protected routes. Tokens expire after one hour.
POST
Obtain JWT access token
Overview
The partner authentication endpoint allows trusted third-party partners to exchange their issued API credentials for a JWT (JSON Web Token) that can be used to authenticate subsequent API requests on behalf of their clients.Request
Headers
Content-Type: application/json
Body Parameters
Your unique API key issued by Targeter for your approved partnership
Your plain-text API secret issued by Targeter. Send the secret exactly as provided — not a bcrypt hash or other encoded form.
Example Request
api_key, api_secret). CamelCase names such as apiKey return 400.
Response
Success Response (200)
JWT token to be used in Authorization header for subsequent requests
Token type (always “Bearer”)
Token validity in seconds (3600 = 1 hour)
Example Response
Error Responses
400 - Invalid request payload
401 - Invalid API credentials
500 - Internal server error
Usage Notes
- Token Expiration: JWT tokens expire after 1 hour for security
- Refresh: You must obtain a new token when the current one expires
- Security: Never expose your issued API secret in client-side code — these are for server-to-server communication only
- Storage: Store tokens securely and refresh them before expiration
- Credentials: Only use API credentials issued specifically to your approved partnership
- Base URL: Your API base URL is provided with your credentials (e.g.
https://app.targeter.tech/api)
Next Steps
Once you have your JWT token, you can use it to make authenticated requests on behalf of your clients:Body
application/json