Authentication Overview
FileSpin supports three authentication methods. Choose the one that best fits your use case.
| Method | Header | Best For |
|---|---|---|
| API Key | X-FileSpin-Api-Key: {API_KEY} | Server-to-server integration, backend services, scripts |
| JWT Bearer Token | Authorization: Bearer {JWT} | Web applications, single-page apps, interactive sessions |
Choosing the Right Method
| Consideration | API Key | JWT | |---|---|---|---| | User interaction required | No | Yes (login) | | Token lifetime | Long-lived | 24 hours | | Scoped access | No (full access) | No (full access) | | Refresh mechanism | N/A | Re-login | | Best security model | Server-side only | Short-lived, user-bound |