Authentication

Passing JWT accesstoken

Most of endpoints in the Hautech API require authentication. To access these protected resources, you must include a valid JWT access token in the Authorization header of your HTTP requests. This token can be obtained in one of two ways:

API Token from Developers Portal:
Received immediately from the developer portal when you create a new key.
Self-Signed JWT:
Generated using your App credentials.

Both types of tokens are used in exactly the same way in your API requests. For example:

Authorization: Bearer <your_jwt_token>

Signing JWT with private key

Below is an example of generating a self-signed JWT in Node.js. This sample uses a wildcard permission ("*"):

const jwt = require("jsonwebtoken");

const payload = {
  iss: "your-app-id",
  sub: "user@example.com",
  iat: Math.floor(Date.now() / 1000),
  exp: Math.floor(Date.now() / 1000) + 60 * 60, // Expires in 1 hour
  permissions: ["*"], // Wildcard permission for full access
};

const header = {
  kid: "your-app-key-id", // Include the key ID in the header
};

const token = jwt.sign(payload, "your-app-key-secret", {
  algorithm: "RS256",
  header: header,
});
console.log(token);

Permissions

You can retrieve the complete list of available permissions by sending a GET request to:

GET https://api.hautech.ai/v1/permissions/available

Permissions support wildcards at the end of a permission string. For example, using a permission like collections.items.* grants access to all operations within the collections.items namespace.

Remember to include your token in the Authorization header for every request to protected endpoints.

Passing JWT accesstoken​

Signing JWT with private key​

Permissions​

Passing JWT accesstoken

Signing JWT with private key

Permissions