Create Session Token

📘
Authentication FAQs

What's the TTL?
Every generated access_token has a 60min (1hr) expiry time.

Can i have multiple active auth tokens at the same time?
Yes, requesting for a new token does not expire the previously retrieved token. Every token's expiry time (60 mins) is always determined by when it was initially requested.

What's the rate limit?
Token should be cached and recycled. So no more than 5-10 Api calls per hour is expected.

Can we get multiple pairs of clientID and clientSecret?
Due to the nature of the authentication model, you shouldn't be requiring more than 1 pair, however, if absolutely needed, we can provision accordingly. Please contact DriveWealth if this is a requirement.

How do i use the retrieved auth token?
You'll pass it into the header of all API calls as "Authorization": "Bearer {access_token}"

xxxxxxxxxx
curl --request POST \
     --url https://bo-api.drivewealth.io/back-office/auth/tokens \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --header 'dw-client-app-key: {{yourAppKey}}'

xxxxxxxxxx
 
{
  "token_type": "Bearer",
  "expires_in": "3600",
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "scope": "all_trading"
}

📘Authentication FAQs

200Creating Session Token was Successful.

📘
Authentication FAQs