The Management API is secured by Bearer authentication and a rate limit.
When making an API request to the Management API, you must include a secret within the header of the call and respect the rate limit of 60 requests/minute.
Prerequisite
Item | Description |
---|---|
Secret | Security token authorizing access to the Management API and its resources
Follow these steps to obtain a JWP API secret:
|
If someone has your API secret, that person has many account privileges.
Keep your secret secure!
Do not share your API secret in environments, such as the following:
- Online forums
- StackOverflow
- Client-side code
- GitHb repositories (public or private)
Follow best practices to handle secrets.
If a security breach occurs with a v2 secret, you can delete the affected secret and generate a new secret from your JWP dashboard.
Authenticate a request
Direct Requests to the Management API
When you make an API call, add your secret to an Authorization
header of your API request to authenticate the request.
curl -X POST https://api.jwplayer.com/v2/{resource} \
-H 'Authorization: Bearer {api_secret}' \
...
Requests from within the API Documentation
You can make API requests to explore the Management API from within JWP's interactive API reference:
- Understanding how to structure API requests for resources
- Evaluating the returned API responses for your specific properties
Follow these steps to authenticate an API request from the API documentation:
- In the API reference documentation, under AUTHORIZATION in the Header field, enter Bearer followed by your secret.
Bearer 123Four56==7123Four56==7
- Click Try It! to initiate the API request.
Your authentication will persist until you end your browser session or refresh the browser page.
API calls made via the API reference documentation will affect the content of your account and count toward the usage and rate limits of your account.
Rate Limit
The Management API rate limit is 60 requests/minute. Calls that exceed this rate will not be executed and will return a 429 status error.
If your implementation exceeds this rate limit, contact the JWP Support team. The team can evaluate your implementation and provide options to address your requirements.
Locate the rate limit
The rate limit and remaining allowed requests are returned in the headers of an API response.
jw-request-limit: 60
jw-request-remaining: 37
Property | Description |
---|---|
jw-request-limit number | Rate limit in requests/minute |
jw-request-remaining number | Remaining API requests permitted before reaching the rate limit
In the example above, when the API request was made, only 37 API requests could still be made before reaching the rate limit. |