Authentication API (API Keys & JWT)
AstroAPI uses secure API key and token-based authentication for all
protected endpoints. Credentials must be included in the
Authorization header for authenticated requests.
This page explains how API keys work, how users authenticate, and how to include tokens in your API calls.
API Key Format
All AstroAPI keys follow this format:
sk_live_xxxxxxxxxxxxxxxxxxxKeep API keys private. Never expose them in public repositories, client-side JavaScript, or browser-based applications.
Authentication API Endpoint
POST https://api.astroapi.io/v1/auth/login
Authentication Request Body
| Field | Type | Required | Description |
|---|---|---|---|
email |
string | Yes | User email address. |
password |
string | Yes | User password. |
Authentication Response
A successful authentication returns a JWT token and user metadata.
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"user": {
"id": 42,
"first_name": "John",
"last_name": "Doe",
"email": "john@example.com"
}
}Using the JWT Token
Include the token in the Authorization header for all protected requests:
Authorization: Bearer YOUR_JWT_TOKEN// JavaScript — Authentication Example
fetch("https://api.astroapi.io/v1/auth/login", {
method: "POST",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify({
email: "john@example.com",
password: "mypassword123"
})
})
.then(res => res.json())
.then(data => {
console.log("Token:", data.token);
console.log("User:", data.user);
});# Python — Authentication Example
import requests
url = "https://api.astroapi.io/v1/auth/login"
payload = {
"email": "john@example.com",
"password": "mypassword123"
}
response = requests.post(url, json=payload)
data = response.json()
print("Token:", data["token"])
print("User:", data["user"])