Authentication and Rate Limit

The Management API is secured by Bearer authentication and a rate limit.

When making an API request to the Management API, you must include a secret within the header of the call and respect the rate limit of 60 requests/minute.



Prerequisite

Item Description
Secret Security token authorizing access to the Management API and its resources

Follow these steps to obtain a JWP API secret:
  1. On the API Credentials page, under v2 API Credentials, select a property from the dropdown menu.
  2. In the row of the relevant API key, click Show Secret.

    TIP: If no API keys exist, create a new API key.

  3. Click to copy the secret.

❗️

If someone has your API secret, that person has many account privileges.

Keep your secret secure!

Do not share your API secret in environments, such as the following:

  • Online forums
  • StackOverflow
  • Client-side code
  • GitHb repositories (public or private)

Follow best practices to handle secrets.

If a security breach occurs with a v2 secret, you can delete the affected secret and generate a new secret from your JWP dashboard.



Authenticate a request

Direct Requests to the Management API

When you make an API call, add your secret to an Authorization header of your API request to authenticate the request.

curl -X POST https://api.jwplayer.com/v2/{resource} \
    -H 'Authorization: Bearer {api_secret}' \
    ...

Requests from within the API Documentation

You can make API requests to explore the Management API from within JWP's interactive API reference:

  • Understanding how to structure API requests for resources
  • Evaluating the returned API responses for your specific properties
Authorization section of the API reference documentation

Authorization section of the API reference documentation


Follow these steps to authenticate an API request from the API documentation:

  1. In the API reference documentation, under AUTHORIZATION in the Header field, enter Bearer followed by your secret.
    Bearer 123Four56==7123Four56==7
    
  2. Click Try It! to initiate the API request.

Your authentication will persist until you end your browser session or refresh the browser page.

🚧

API calls made via the API reference documentation will affect the content of your account and count toward the usage and rate limits of your account.



Rate Limit

The Management API rate limit is 60 requests/minute. Calls that exceed this rate will not be executed and will return a 429 status error.

💡

If your implementation exceeds this rate limit, contact the JWP Support team. The team can evaluate your implementation and provide options to address your requirements.


Locate the rate limit

The rate limit and remaining allowed requests are returned in the headers of an API response.

jw-request-limit: 60
jw-request-remaining: 37
Property Description
jw-request-limit number Rate limit in requests/minute
jw-request-remaining number Remaining API requests permitted before reaching the rate limit

In the example above, when the API request was made, only 37 API requests could still be made before reaching the rate limit.