Skip to main content
The Chainworks API uses token-based authentication. The same token works on both transports; only where you put it differs.
  • Socket.IO sends the token once in the connection handshake (auth: { token }).
  • HTTP sends the token on every request in the Authorization header, as the raw token with no Bearer prefix.

Authentication Flow

  1. Obtain your API credentials (API URL and Auth Token)
  2. Provide the token: in the Socket.IO handshake, or in the HTTP Authorization header
  3. The server validates your token
  4. If valid, you can start making API requests

Connecting with Credentials

The token is validated once during the handshake.

Environment Variables

We recommend storing your credentials in environment variables:
.env

Connection Events (Socket.IO)

These lifecycle events apply to the Socket.IO transport. HTTP is stateless and has no connection events, so handle errors per request from the response instead. Handle connection lifecycle events to ensure robust operation:

Reconnection (Socket.IO)

Socket.IO automatically handles reconnection. You can configure the behavior:

Security Best Practices

  1. Never expose tokens in client-side code - Use server-side proxies for browser applications
  2. Rotate tokens regularly - Contact us to regenerate compromised tokens
  3. Use environment variables - Never hardcode tokens in source code
  4. Monitor usage - Track API calls to detect unauthorized access

Rate Limits

API rate limits depend on your subscription tier. Contact us for details about rate limits and quotas.

Next Steps