Turnqey Developer Documentation

Generate authentication token

POST/v1/api/tokenNo auth

Creates a JWT for API authentication using client credentials. Access tokens are valid for one hour - generate a new token each hour. Use it in the Authorization header as "Bearer {token}".

View full reference for this endpoint →

Request body

clientIdstringrequired

Your Turnqey client ID.

clientSecretstringrequired

Your Turnqey client secret.

Response

result.tokenstring

JWT bearer token.

result.expiresInnumber

Token lifetime in seconds.

Error responses

400Bad RequestMalformed request or missing/invalid parameter.

401UnauthorizedToken missing, expired, or invalid - request a new token.

403ForbiddenAccess denied or partner not authorized for this resource.

404Not FoundResource not found - check the ID, collection, or identity.

422Unprocessable EntityRequest understood but cannot be processed.

429Too Many RequestsRate limited - back off and retry with jitter.

500Server ErrorUpstream or server failure - retry with backoff, then fail gracefully.

All errors share a standard envelope:

{
  "isError": true,
  "responseException": {
    "exceptionMessage": "Request denied. Unauthorized access."
  },
  "statusCode": 401
}

Try it

Request body (JSON)

curl --request POST \  --url 'https://api.turnqey.xyz/v1/api/token' \
  --header 'Content-Type: application/json' \
  --data ''

Example response200

{
  "isError": false,
  "message": "Success",
  "result": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "expiresIn": 3600
  },
  "statusCode": 200
}