ZapSign API
English
English
  • General Information
  • Getting Started
  • ZapSign Environments
  • Ready-to-use requests!
  • Authentication
    • Static token
    • JWT Authentication
      • Get access token
      • Refresh your access token
  • Types of Tokens
  • API versioning
  • Rate Limit Policies
  • Incident alerts
  • How Payment Works
  • Status Code
  • Account
    • Plan Information
    • List account users
    • Create account users
    • Delete account user
  • Documents
    • Create document via Upload
    • OneClick (ClickWrap)
      • Create document (OneClick)
    • Create document via Template
    • Add attachment (extra document)
    • Add attachment (extra document) via Template
    • Detail document
    • List documents
    • Delete document
    • Document Audit Trail
    • Optional: Place signatures
    • Reject Documents
  • Signers
    • Detail signer
    • Update signer
    • Add signer
    • Delete signer
    • Batch sign via API
    • Reject Documents by User
  • Templates
    • Create template (DOCX)
      • Configure Template Form
    • List templates
    • Get template
    • Update template
    • Delete template
  • Partnerships
    • Update Payment Status
    • Create Account
  • TIMESTAMP
    • Add timestamp
  • Background Check
  • Introduction
  • Understanding the Result
  • Creating a Background Check
    • Person Check
    • Company check
  • Retrieve a Check
  • Check details
  • Webhooks
    • How webhooks works
    • Testing webhooks on ZapSign
    • Create Webhook
    • Webhooks logs
    • Events
      • Document
        • Doc created
        • Doc deleted
        • Created signer
      • Signer
        • Signature request send
        • Document viewed
        • Reading confirmation
        • Doc signed
        • Doc refused
        • Email bounce
        • Failed Validation
      • Background check
        • Background check completed
    • Reprocessing Documents and Webhooks
    • Delete Webhook
  • Widget
    • How widget works
Powered by GitBook
On this page

Was this helpful?

  1. Authentication
  2. JWT Authentication

Get access token

The access token is used to authenticate with the ZapSign API. It is associated with your user and the organization specified when generating the token, and it expires after 1 hour.

PreviousJWT AuthenticationNextRefresh your access token

Last updated 8 months ago

Was this helpful?

To obtain the Access Token, make a request to the authentication endpoint with your ZapSign user credentials. This endpoint will return both the Access Token and the Refresh Token.

POST https://api.zapsign.com.br/api/v1/auth/token/{{organization_ID}}/

You can obtain your organization ID by navigating to Settings > Integrations > API Token > Organization ID.

Request body
{
    "username": "dev@example.com.br",
    "password": "StrongPassword123"
}

{
    "refresh": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTcxMDE3ODM0NCwianRpIjoiYjhmZjMwNDJmNjRkNDJmM2FlMzczZmRiNDQ3YTQ2NGEiLCJ1c2Vyb",
    "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}
{
    "detail": "No active account found with the given credentials"
}
{
    "message": "Rate limit exceeded"
}

After obtaining your Token, you can authenticate to the ZapSign endpoints by including your token in the "Authorization" header of your request, using the prefix "Bearer". Example:

  'headers': {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzA5ODIwMTQxLCJqdGkiOiIxMGM4YmVhOTkxNDM0ZGU5OWQxNmViMGE2ZTA3MTU1YyIsInVzZXJfaWQiOjEsInR5cGUiOiJwdWJsaWMifQ.GhMKXDyiidHrWCSmU3I9e6-zDm61mBmDqEavir4IW0c'
  },

After one hour, you will need to authenticate again. See how to do this in the chapter "

Refresh Your Access Token".