• Learn
  • LoRaWAN
  • Quick Start
  • Applications & Integrations
  • Devices & Gateways
  • Migrating to The Things Stack Community Edition
  • V2 Docs (Outdated)

Applications

    Overview
  • Add an Application
  • Build an Application
  • APIs

  • Overview
  • Application Manager API
    • API Reference
    • Authentication
    • Usage
  • Data API (MQTT)
  • SDKs & Libraries

  • Overview
  • Go
  • Java
  • Node-RED
  • Node.js
  • Python
  • Integrations

  • EVRYTHNG
  • Overview
  • AllThingsTalk
  • AWS IoT
  • Cayenne
  • Collos
  • HTTP
  • OpenSensors
  • Smart Office Kit
  • Storage
  • Tago
  • ThingSpeak
  • TTN Mapper

Authentication

Currently, there are two methods of authenticating to the gRPC and HTTP APIs:

  • Bearer token: OAuth 2.0 Bearer JSON Web Tokens (preferred)
  • Access keys: Application access keys (only for ApplicationManager API)

Bearer Token

This authentication method is the preferred method of authenticating.

gRPC

You can authenticate to the gRPC endpoint by supplying a token field in the Metadata. The value of this field should be the JSON Web Token.

Example (Go):

md := metadata.Pairs(
  "token", "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhcHBzIjp7InRlc3QiOlsic2V0dGluZ3MiXX19.VGhpcyBpcyB0aGUgc2lnbmF0dXJl",
)
ctx := metadata.NewOutgoingContext(context.Background(), md)

HTTP

For HTTP Endpoints, you should supply the Authorization header: Authorization: Bearer <token>.

Example:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhcHBzIjp7InRlc3QiOlsic2V0dGluZ3MiXX19.VGhpcyBpcyB0aGUgc2lnbmF0dXJl

Access Key

With this authentication method, the server will exchange an Access Key for a Bearer Token internally.

gRPC

You can authenticate to the gRPC endpoint by supplying a key field in the Metadata. The value of this field should be the Application access key.

Example (Go):

md := metadata.Pairs(
  "key", "ttn-account-v2.n4BAoKOGuK2hj7MXg_OVtpLO0BTJI8lLzt66UsvTlUvZPsi6FADOptnmSH3e3PuQzbLLEUhXxYhkxr34xyUqBQ",
)
ctx := metadata.NewOutgoingContext(context.Background(), md)

HTTP

For HTTP Endpoints, you should supply the Authorization header: Authorization: Key <key>.

Example:

Authorization: Key ttn-account-v2.n4BAoKOGuK2hj7MXg_OVtpLO0BTJI8lLzt66UsvTlUvZPsi6FADOptnmSH3e3PuQzbLLEUhXxYhkxr34xyUqBQ