The Domain Scraper API supports two authentication methods to ensure secure and flexible access for customers:

1. Bearer Token Authentication (JWT)

• Description: Customers can authenticate using a Bearer token, which is a JSON Web Token (JWT) generated through the /login/ endpoint. This token includes user-specific information and an expiration timestamp.

• Token validity: The JWT remains valid for 1 hour from the time of issuance.

• Usage: Include the token in the Authorization header for all subsequent API calls requiring authentication:

  Authorization: Bearer <your_jwt_token>
  

2. API key authentication

• Description: Customers can create and manage API keys via the /keys/ endpoint. API keys are customizable with specific permission levels:

  • Read: Grants access to fetch and view data.
  • Write: Allows modification or creation of data.
  • ReadWrite: Combines both read and write access.

• Usage: Include the API key in the X-Key header for API calls:

  X-Key: <your_api_key>
  

Authentication is mandatory for all API endpoints. Without valid credentials, requests to protected resources will result in a 401 Unauthorized response.