JWT Bearer Tokens

The Lockstep platform supports modern authentication strategies including JWT Bearer Tokens and API Keys . The JWT Bearer Token process is intended for use with interactive processes that redirect the user to a Lockstep-provided OAuth page, and the API key process is intended for use with unattended processes that make API calls without presenting a user interface to the end customer.

What is a JWT bearer token?

The JWT bearer token process is intended to allow a visitor to interactively authenticate against the Lockstep API and to generate a token that allows them to make API calls. You can use this process to allow your customers to authenticate and work with data seamlessly.

Because this process is interactive, we recommend API keys for background processes or for development work. Please contact a Lockstep development engineer and we'll assist you in generating an API key.

Visit Lockstep Inbox

The Lockstep API comes with a free interactive application, Lockstep Inbox, that you can use to visualize data. You can create a free account today on Lockstep Inbox using these environment links below:

Sandboxhttps://app.sbx.lockstep.ioSandbox environment provides earlier updates and interactive demonstrations. Developers should begin work here.
Productionhttps://app.lockstep.ioProduction environment for working with live customer data.

Creating an interactively issued bearer token

Bearer tokens generated with this JWT process are issued by Microsoft Azure and must be created and renewed interactively. You can simulate the process of generating a JWT bearer token using the "Authentication" link on the Lockstep API server corresponding to the environment you wish to use.

Here's how to test the process to create an interactive bearer token:

  • Visit the Bearer Token page for the environment you are using
  • Click on the "Authenticate Your Account" link.
  • You will be redirected to a page that displays your JWT bearer token. This token is valid for a period of one hour.
EnvironmentBearer Token Page
Sandboxhttps://api.sbx.lockstep.ioSandbox environment provides earlier updates and interactive demonstrations. Developers should begin work here.
Productionhttps://api.lockstep.ioProduction environment for working with live customer data.

Once you have completed this process, the bearer token can now be used in the Lockstep API Reference pages to fetch data and make API calls.

Authenticating with a JWT Bearer Token

To make an API call using API Key authentication, add the header Authorization to your request as shown in this example:

> curl -X 'GET' \
  'https://api.sbx.lockstep.io/api/v1/Companies/query?name startswith A' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer **REDACTED**'

Implementing interactive bearer tokens in your application

Lockstep onboarding partner engineers will assist you in linking the interactive bearer token generation process into your application. Please contact us and we'll work with you to set up your project.