Neon uses 3 basic forms of authentication, depending on the use case:
POST /access-tokensendpoint of the API. You will be given back a long string that is a JWT token, and will be placed into all authenticated requests to the Neon API. Note that all JWT tokens have a maximum time to live of 1 hour, but can be renewed indefinitely by using the
/api-keysendpoint (POST and GET, respectively). You convert an API key to a JWT token using the
POST /api-keys/access-tokenendpoint. The API key runs with the privileges of the user that created it. Once you have its JWT token, it is used the same as one created via username/password. Be aware that while an API key can live for up to 1 year, the tokens generated by it only last for up to an hour, same as the ones generated by username/password. Use the
/access-tokens/refreshendpoint to keep them alive.
For your first use of the API, we want to authenticate with your username and password from the website. Go to the API Browser, and expand the
POST /access-tokens endpoint, and hit the "Try It Out" button. That will make the request editable. Now make these changes:
Now hit the "Execute" button! If all went well, you'll get a response that looks like this:
Congrats! You have managed to generate a login token. Copy the contents of the token field, and scroll up until you see the "Authorize" button near the top of the page. Hit that button, and in the value field enter your token.
So, if your token was 1234abcd, you would put
1234abcd in the field, and press "Authorize", then hit "Done"
Finally, test your login by expanding the
GET /users/self endpoint, and hitting "Try it out", and "Execute". If you are not logged in, this endpoint won't work - but if you are, it should give you the contents of the JWT token that you just put into the authenticator.