DocumentationAPI Endpoints
Documentation
Tokeny.com

Frequently Asked Questions (FAQ)

This section addresses common questions developers and integrators might have when working with the Tokeny API. It complements the existing documentation by clarifying certain concepts, sharing best practices, and offering guidance on less obvious aspects of API usage.

Suggest Edits

How can I refresh my JWT?

After the hour the JWT is valid for, you must call the sign-in endpoint again to get a new JWT.

What are the best practices for managing API authentication?

  • Keep your login details secure: Never expose login details in public repositories, client-side code, or shared documents.
  • Use variables: Store login details / API keys in environment variables or secure secrets' management solutions.
  • Rotate login details periodically: Regularly change password / regenerate API keys to reduce the risk of misuse if they are compromised.

What should I do if my login details are compromised?

  • Immediately revoke the compromised API key via the Tokeny Developer Portal.
  • Generate a new password/API key and update your application to use it.
  • Review logs for any unauthorized API activity and take appropriate measures.

How can I optimize API performance?

  • Batch requests: When possible, use endpoints that support batch operations to minimize the number of API calls.
  • Implement caching: Cache responses for static or infrequently changing data to reduce unnecessary API calls.
  • Respect rate limits: Monitor and stay within the API’s rate limits to avoid throttling or temporary bans.
  • Use webhooks: Leverage webhooks for real-time updates instead of polling the API.

What are the common reasons for 4XX errors?

  • 400 Bad Request: Usually due to malformed requests or missing required parameters. Double-check the API reference for the correct syntax.
  • 401 Unauthorized: Indicates invalid or missing authentication credentials. Ensure your JWT token is valid and included in the request headers.
  • 403 Forbidden: Occurs when the API key lacks the necessary permissions for the requested action.
  • 404 Not Found: Typically means the endpoint URL is incorrect or the requested resource doesn’t exist.

How do I handle rate limiting?

The Tokeny API can enforce rate limits to ensure fair usage. Please make sure to avoid sending excessive request to the API.

Can I test the API without affecting production data?

Yes, Tokeny provides a sandbox environment for testing purposes. The sandbox replicates the production environment but uses dummy data and testnets. Use your sandbox API login details to access this environment. Refer to the Sandbox Documentation for setup.

What measures are in place to ensure API reliability?

Tokeny’s API is built with reliability in mind:

  • High availability: Hosted on redundant infrastructure to ensure uptime.
  • Monitoring: Proactive monitoring and alerting minimize downtime and performance issues.
  • Status page: Check the system status page for real-time updates and incident reports.

Where can I get additional support?

If you have further questions, require assistance, or would like to suggest features or improvements for the API, here are the best options:

  1. Consult the documentation: The API Documentation covers endpoints, use cases, and examples.
  2. Community support: Engage with other developers.
  3. Contact support: Reach out to our support team via the Support Portal or email.

Updated 3 days ago