Skip to main content

Authentication

Lochting is committed to providing a secure and user-friendly experience, and as part of our authentication process, we utilize JSON Web Tokens (JWT). JWT tokens have become a widely adopted industry standard for robust authentication and authorization in modern web applications.

When users access Lochting, their credentials are verified, and upon successful authentication, an access token and a refresh token are issued. The access token serves as a temporary credential, granting users access to protected resources and functionalities within Lochting. These access tokens remain valid for a day, ensuring a balance between security and user convenience.

Refresh tokens play a pivotal role in maintaining seamless user sessions. With a lifespan of three days, refresh tokens provide an extended duration for accessing Lochting without requiring users to repeatedly log in. When an access token expires, users can utilize their refresh token to obtain a new access token, ensuring uninterrupted access to Lochting's features.

To obtain an access token, users can easily contact us by visiting our official website to request their API key. This API key serves as the authentication mechanism to retrieve the access token securely. Our dedicated support team will promptly assist users in obtaining their API key, ensuring a smooth and secure authentication process within Lochting.

Access to the API is granted based on the scope of the API key. The following scopes are available:

  • orders
  • reservations
  • shipments
  • webhooks