Skip to main content
POST
/
api
/
v1
/
auth
/
token
Issue JWT token
curl --request POST \
  --url https://api.paratro.com/api/v1/auth/token \
  --header 'X-API-Key: <x-api-key>' \
  --header 'X-API-Secret: <x-api-secret>'
{
  "token": "<string>",
  "token_type": "Bearer",
  "expires_in": 3600,
  "client": {
    "client_id": "<string>",
    "client_name": "<string>",
    "status": "ACTIVE",
    "subscription_tier": "<string>",
    "max_wallets": 123
  }
}

Issue Token

Authenticate with your API Key and API Secret to obtain a JWT token. No Authorization header required.
Access tokens are valid for 15 minutes. Your application must manage token lifecycle — re-authenticate before expiry to maintain uninterrupted access. The expires_in field in the response indicates the exact validity period in seconds.
X-API-Key
string
required
Your API key.
X-API-Secret
string
required
Your API secret.

Response

{
  "token": "eyJhbGciOiJIUzI1NiIs...",
  "expires_in": 900,
  "token_type": "Bearer",
  "client": {
    "client_id": "c_01HXYZ...",
    "client_name": "Acme Corp",
    "status": "ACTIVE",
    "subscription_tier": "",
    "max_wallets": 10
  }
}

Errors

HTTPCodeCondition
401unauthorizedInvalid API Key or API Secret
403forbiddenClient inactive or IP not allowlisted
500internal_errorService configuration error

Headers

X-API-Key
string
required

Your API key provided by Paratro.

X-API-Secret
string
required

Your API secret provided by Paratro.

Response

Successfully authenticated.

token
string
required

JWT token for authorizing API requests.

token_type
string
required

The type of token issued.

Example:

"Bearer"

expires_in
integer
required

Token expiration time in seconds.

Example:

3600

client
object
required