Authentication & Security
Learn how to securely authenticate and make requests to the API.
API
3 min read
Welcome to the Authentication & Security section of the Documint API documentation. This page will guide you through the steps necessary to authenticate with the Documint API and ensure that your data and documents are managed securely. We will cover the methods of authentication supported, how to obtain your credentials, and how to make authenticated API requests.
Overview
The Documint API uses token-based authentication to allow access to the API. You must provide your API token in each request header to interact with the API securely. We currently support two types of tokens:
Personal Access Tokens: For individual users who wish to interact with their own data via the API.
OAuth Tokens: For applications that need to act on behalf of a Documint user.
Both token types are passed via the HTTP Authorization header.
Obtaining Your API Token
Personal Access Tokens
To obtain your personal access token, follow these steps:
Log in to the Documint web app.
Navigate to your account settings.
Find the API section and select "Create New Token."
Give your token a descriptive name and optional expiry.
Save the token securely. You won't be able to see it again!
OAuth Tokens
For OAuth tokens, your application must implement the OAuth 2.0 authorization flow. Please refer to the OAuth 2.0 documentation for detailed steps.
Making Authenticated Requests
Here is a sample of how to make an authenticated request using curl:
cURL
Copy
Copied
In this example, replace YOUR_API_TOKEN with your actual token.
Using Personal Access Tokens
Personal access tokens are the simplest way to authenticate if you're only accessing your own account:
JavaScript
Copy
Copied
Replace YOUR_PERSONAL_ACCESS_TOKEN with your personal access token.
Using OAuth Tokens
When using OAuth tokens, your application will first need to acquire an access token via the OAuth flow. Here's an example of using an OAuth token once you've obtained it:
JavaScript
Copy
Copied
Replace YOUR_OAUTH_TOKEN with the OAuth token your application has received.
Security Recommendations
Keep your tokens secure: Treat your tokens like passwords. Do not share them or commit them to source control.
Use HTTPS: Always make your API requests over HTTPS. This ensures the confidentiality and integrity of your tokens.
Regularly rotate tokens: Periodically change your API tokens to minimize the risk of token compromise.
Monitor token activity: Keep an eye on the usage patterns of your tokens and be alert for any unauthorized use.
Conclusion
By following the above guidelines, you can securely authenticate and make requests to the Documint API. Remember that security is paramount when dealing with authentication tokens and API requests. If you encounter any issues or have any questions, please refer to our troubleshooting guide or contact support.
With authentication set up, you're now ready to explore the full capabilities of the Documint API and integrate robust document management features into your applications.