Exchange credentials for JWT token
Exchange HMAC-signed request for a short-lived JWT token.
Authentication: Requires HMAC signature authentication with integrator credentials.
Use Case: Backend integrators can exchange their HMAC credentials for a JWT token that can be used from frontend applications.
Token Lifetime: Maximum 3600 seconds (60 minutes), default 3600 seconds.
Rate Limiting: 100 token exchanges per minute per integrator.
Authorizations
Section titled “Authorizations ”Request Body required
Section titled “Request Body required ”object
User API key for token exchange
Token lifetime in seconds (default: 3600, max: 3600)
object
User API key for token exchange
Token lifetime in seconds (default: 3600, max: 3600)
object
User API key for token exchange
Token lifetime in seconds (default: 3600, max: 3600)
Responses
Section titled “ Responses ”Response for status 200
object
JWT access token with spr_ prefix
The internal ID of the authorized user
Token type (always ‘Bearer’)
Token lifetime in seconds
ISO 8601 timestamp when token expires
Response for status 401
object
A URI reference that identifies the problem type
A short, human-readable summary of the problem type
The HTTP status code
A human-readable explanation specific to this occurrence
A URI reference that identifies the specific occurrence
The authentication realm
The required scope for this resource
Response for status 404
object
A URI reference that identifies the problem type
A short, human-readable summary of the problem type
The HTTP status code
A human-readable explanation specific to this occurrence
A URI reference that identifies the specific occurrence
The type of resource that was not found
The identifier of the resource that was not found
Response for status 500
object
A URI reference that identifies the problem type
A short, human-readable summary of the problem type
The HTTP status code
A human-readable explanation specific to this occurrence
A URI reference that identifies the specific occurrence