Authentication
You can call the API in two ways: with a JWT (for user or admin sessions) or with an API key (for server-to-server or integrations).
API key (recommended for integrations)
Send your API key in the request header:
X-API-Key: ttx_your_api_key_hereAlternatively, some clients support:
Authorization: Bearer ttx_your_api_key_hereAPI keys are tied to a brand/tenant and may have read or write scope. Create and manage keys from the platform (or via the auth API) after logging in.
JWT (browser or user sessions)
After a user or admin logs in, the API returns a JWT. Send it as:
Authorization: Bearer <jwt-token>Use the login endpoint to obtain a token; use refresh to get a new one when it expires. JWT is typically used by the Platform and Storefront apps for logged-in users.
Example request
curl -X GET 'https://api.example.com/api/v1/health' \
-H 'X-API-Key: ttx_xxxxx'Replace the URL and key with your environment’s base URL and a valid API key.
Last updated on