Skip to main content
To use JWT authentication in client-side code. Create your account at the API Key Management Dashboard.

JWT Authentication Flow

1. User Login

If you already have an account created you can authenticate with email and password to receive JWT tokens: 
curl -X POST https://api.finvera.news/kms/api/v1/auth/token \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "your_password"
  }'
Response: 
{
  "message": "Authentication successful",
  "expires_in": 3600
}
The response sets secure HTTP-only cookies:
  • DT_AUTH_TOKEN: Access token (1 hour expiry)
  • DT_REFRESH_TOKEN: Refresh token (30 days expiry)

2. Token Refresh

Automatically refresh expired access tokens: 
curl -X POST https://api.finvera.news/kms/api/v1/auth/refresh \
  -H "Cookie: DT_REFRESH_TOKEN=your_refresh_token"
Response: 
{
  "message": "Token refreshed successfully", 
  "expires_in": 3600
}

4. Token Validation

Validate tokens and retrieve user information: 
curl -X GET https://api.finvera.news/kms/api/v1/auth/validate \
  -H "Authorization: Bearer your_access_token"
Response: 
{
  "user_id": "uuid",
  "email": "[email protected]", 
  "username": "user123",
  "licensing_tier_id": "enterprise"
}

Implementation Examples

React / Next.js Application

// Authentication service
class AuthService {
  async login(email, password) {
    const response = await fetch('/api/v1/auth/token', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ email, password }),
      credentials: 'include' // Include cookies
    });
    
    if (!response.ok) {
      throw new Error('Authentication failed');
    }
    
    return response.json();
  }
  
  async makeAuthenticatedRequest(url, options = {}) {
    return fetch(url, {
      ...options,
      credentials: 'include', // Include auth cookies
      headers: {
        ...options.headers,
        'Content-Type': 'application/json'
      }
    });
  }
}

Python Client

import requests
from datetime import datetime, timedelta

class FinveraClient:
    def __init__(self, base_url="https://api.finvera.news"):
        self.base_url = base_url
        self.access_token = None
        self.refresh_token = None
        self.token_expires_at = None
    
    def login(self, email, password):
        response = requests.post(
            f"{self.base_url}/kms/api/v1/auth/token",
            json={"email": email, "password": password}
        )
        response.raise_for_status()
        
        data = response.json()
        self.access_token = data.get("token")
        self.refresh_token = data.get("refresh_token")
        self.token_expires_at = datetime.now() + timedelta(seconds=data.get("expires_in", 3600))
    
    def make_request(self, endpoint, **kwargs):
        if self._token_expired():
            self._refresh_token()
        
        headers = kwargs.get("headers", {})
        headers["Authorization"] = f"Bearer {self.access_token}"
        kwargs["headers"] = headers
        
        return requests.get(f"{self.base_url}{endpoint}", **kwargs)
For further details, explore each API section with code examples and integration tips.