Skip to main content

Authentication

Both the REST API and the streaming API authenticate with short-lived JWTs.

  • REST — send the token in the Authorization: Bearer <jwt> header.
  • Streaming — pass a connection token when opening the WebSocket, and a subscription token per private channel (Centrifugo's token model).

The token-issuance endpoint and the exact claims will be documented here once the auth service is wired up. For now this page is a placeholder.