Authentication

Obtain a Bearer token using your API client credentials.

All Welkin API requests require a Bearer token. Tokens are obtained by calling the token endpoint with your API Client Key and Secret, which are generated in the Welkin Admin panel.

Tokens are valid for 1 hour. Cache your token and refresh it before expiry. Requesting a new token more than 100 times per 5 minutes will result in a 5-minute block.

Endpoint

POST /auth/token

Base URL: https://api.welkinhealth.com

Request

Headers

Header

Value

Content-Type

application/json

Body Parameters

Parameter

Type

Required

Description

secret

string

Yes

API Client secret generated in Admin

apiClient

string

Yes

API Client key generated in Admin

Example Request

POST https://api.welkinhealth.com/auth/token
Content-Type: application/json

{
  "secret": "your-api-client-secret",
  "apiClient": "your-api-client-key"
}

Response

200 OK

{
  "token": "eyJhbGciOiJSUzI1NiJ9...",
  "expiresAt": "2026-03-19T14:00:00Z"
}

Field

Type

Description

token

string

Bearer token to use in subsequent API requests

expiresAt

string

ISO 8601 timestamp when the token expires

Using the Token

Include the token in the Authorization header of every subsequent request:

Authorization: Bearer eyJhbGciOiJSUzI1NiJ9...

Setting Up an API Client

Log in to your Welkin Admin panel
Navigate to Admin → API Clients
Create a new client and assign a Security Policy
Copy the generated Key and Secret — the secret is shown only once

See Core Concepts for more on Security Policies and Roles.

PreviousDeveloper & Integration Guide NextCore Concepts

Last updated 2 months ago

Was this helpful?