Authentication
Before you can submit any requests to the smartextract API, you need to create a user account. After that, it is necessary to send an authentication request to the API with your username and password. The response contains a bearer token which should be included in all API requests as an HTTP header:
Authorization: Bearer API_TOKEN
The smartextract API provides two distinct login mechanisms:
- long-lasting API keys, recommended for use in production, and
- short-lived JWT tokens, recommended for development and testing.
Creating a long-lasting API key
Regular, persistent API keys can be created in smartextract's web interface by selecting API keys in the My account menu.
When creating an API key, you can add a descriptive name and an optional expiration date. Keep in mind that anyone in possession of your API key can make API requests on your behalf, so it should remain private. We recommend to rotate your API keys periodically, say once a month.
Creating a short-lived token
Short-lived tokens are valid for 24 hours and cannot be revoked after creation.
You can obtain such an authentication token with a POST request to
/auth/jwt/login:
curl -X 'POST' 'https://api.smartextract.ai/auth/jwt/login' \
-H 'Accept: application/json' \
-F 'username=USERNAME' \
-F 'password=PASSWORD'
import httpx
response = httpx.post(
url='https://api.smartextract.ai/auth/jwt/login',
headers={
'Accept': 'application/json',
},
data={
'username': 'USERNAME',
'password': 'PASSWORD'
}
)
token = response.json()['access_token']
print(token)
Your new API token will be included in the access_token property of the
response.