Authentication

Omdaa API supports short‑lived JWT tokens and long‑lived API keys. You must include one of them in every protected request.

Using JWT tokens

After a successful login you receive a JWT token that can be sent in the Authorization header.

Authorization: Bearer YOUR_JWT_TOKEN

API keys

API keys are ideal for long‑running integrations and server‑to‑server calls. They can be created using the dedicated endpoint.

"function">curl "keyword">-X POST https://omdaa.com/api/v1/api class="keyword">-keys/create \
  "keyword">-H "Authorization: Bearer YOUR_JWT_TOKEN" \
  "keyword">-H "Content"keyword">-Type: application/json" \
  "keyword">-d '{
  "name": "My API Key",
  "expiresAt": "2025-12-31"
}'

To authenticate using an API key, send it in the following header:

X-API-Key: omdaa_xxxxxxxxxxxxxxxxxxxxx

API Key Management

Get All API Keys

"function">curl "keyword">-X GET "https://omdaa.com/api/v1/api class="keyword">-keys" \
  "keyword">-H "Authorization: Bearer YOUR_JWT_TOKEN"

Update API Key

"function">curl "keyword">-X PUT https://omdaa.com/api/v1/api class="keyword">-keys/key"keyword">-id \
  "keyword">-H "Authorization: Bearer YOUR_JWT_TOKEN" \
  "keyword">-H "Content"keyword">-Type: application/json" \
  "keyword">-d '{
  "name": "Updated API Key Name"
}'

Revoke API Key

"function">curl "keyword">-X DELETE "https://omdaa.com/api/v1/api class="keyword">-keys/key"keyword">-id" \
  "keyword">-H "Authorization: Bearer YOUR_JWT_TOKEN"

Rotate API Key

"function">curl "keyword">-X POST "https://omdaa.com/api/v1/api class="keyword">-keys/key"keyword">-id/rotate" \
  "keyword">-H "Authorization: Bearer YOUR_JWT_TOKEN"

💡 Security Tips

Store API keys securely and never share them
Use JWT for temporary access and API keys for permanent access
Revoke unused keys immediately
Rotate keys regularly for better security