Nutrient DWS API uses an HTTP authentication header to map each request made to the API to the user making the request. It’s possible to either use an API token or generate a JSON Web Token (JWT) to authenticate your requests.

API Token

You’re required to provide your API token in the authentication header with each request you make. Otherwise, an error will be returned by the API.

The authentication header has the following shape:

HTTP
Authorization: Bearer your_api_key_here

your_api_key_here can be either your live API key or your test API key.

JWT

You can also generate a JWT from your API key to authenticate your requests. The benefit of a JWT is that you can restrict the operations and origins the token can access. The token can also be time-limited for the security of your application. In addition, the token can be revoked at any time, unlike the API key, which can only be regenerated.

For example, you can generate a token that can only access the pdfa_api operation and can only be used from the www.origin1 origin. In this way, the token may be shared with a third-party service that will only be able to access the pdfa_api operation from the www.origin1 origin, without having access to other operations or origins.

Note that if the JWT has origin restrictions, the request must include the Origin header with the origin the token was generated for. If the Origin header isn’t provided, the request will be rejected. If origin restrictions aren’t set, the Origin header isn’t required.

The JWT can be generated using the following endpoint:

HTTP
POST /tokens

The request body may contain the following JSON object, which customizes the generated token:

JSON
{
  "allowedOperations": ["operation1", "operation2"],
  "allowedOrigins": ["www.origin1", "www.origin2"],
  "expirationTime": 3600
}
  • allowedOperations — An array of strings that represent the operations that the token can be used to access. If not provided, the token will have access to all operations. Allowed operations are:

    • annotations_api
    • compression_api
    • data_extraction_api
    • digital_signatures_api
    • document_editor_api
    • html_conversion_api
    • image_conversion_api
    • image_rendering_api
    • email_conversion_api
    • linearization_api
    • ocr_api
    • office_conversion_api
    • pdfa_api
    • pdf_to_office_conversion_api
    • redaction_api
  • allowedOrigins — An array of strings that represent the origins the token can be used from. If not provided, the token can be used from any origin.

  • expirationTime — An integer that represents the expiration time of the token in seconds. If not provided, the token will expire in 1 hour.

The generated token will be returned in the response body:

JSON
{
  "id": "your_token_id",
  "accessToken": "your_jwt"
}

It’s also possible to revoke a token using the following endpoint:

HTTP
DELETE /tokens

The request body should contain the ID of the token you want to revoke:

JSON
{
  "id": "your_token_id"
}
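
The following is an added example, not Nutrient's own code. It prepares the POST /tokens and DELETE /tokens requests described above and refuses to mint a token without explicit operations, origins, and lifetime, because omitting those fields grants all operations or all origins. BASE_URL is a placeholder, the function names are hypothetical, and it assumes /tokens accepts the API key as a Bearer token like other requests.

```python
import json
import urllib.request

# Placeholder base URL (assumption): the page does not state the API host.
BASE_URL = "https://dws-api.example.invalid"

# Operation names exactly as listed on this page.
ALLOWED_OPERATIONS = frozenset({
    "annotations_api", "compression_api", "data_extraction_api",
    "digital_signatures_api", "document_editor_api", "html_conversion_api",
    "image_conversion_api", "image_rendering_api", "email_conversion_api",
    "linearization_api", "ocr_api", "office_conversion_api", "pdfa_api",
    "pdf_to_office_conversion_api", "redaction_api",
})

def _request(method, api_key, payload):
    # Assumption: /tokens is authenticated with the API key as a Bearer token,
    # like the other requests described on this page.
    return urllib.request.Request(
        BASE_URL + "/tokens",
        data=json.dumps(payload).encode("utf-8"),
        method=method,
        headers={"Authorization": f"Bearer {api_key}",
                 "Content-Type": "application/json"},
    )

def build_token_request(api_key, operations, origins, ttl_seconds):
    """Prepare POST /tokens for a token limited in scope, origin and lifetime."""
    # Omitting either list grants all operations or all origins, so require both.
    if not operations or not origins:
        raise ValueError("operations and origins must be non-empty")
    unknown = set(operations) - ALLOWED_OPERATIONS
    if unknown:
        raise ValueError(f"unknown operations: {sorted(unknown)}")
    if isinstance(ttl_seconds, bool) or not isinstance(ttl_seconds, int) or ttl_seconds <= 0:
        raise ValueError("ttl_seconds must be a positive integer")
    return _request("POST", api_key, {
        "allowedOperations": sorted(set(operations)),
        "allowedOrigins": sorted(set(origins)),
        "expirationTime": ttl_seconds,
    })

def build_revoke_request(api_key, token_id):
    """Prepare DELETE /tokens for the id returned when the token was created."""
    if not token_id:
        raise ValueError("token_id is required")
    return _request("DELETE", api_key, {"id": token_id})
```

Pass the returned object to urllib.request.urlopen to send it, and store the id from the response so the token can be revoked later.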