2. Token Authentication

The Monitor+ API uses ‘session’ tokens to authenticate and identify each user to the server. The user requests a session token using their user name and password and, once a token has been received from the server, it can be used in all further data ands metadata endpoints (API requests). Tokens automatically expire after 20 minutes of inactivity (default) or the user defined token life time that was set when creating the token. Live tokens are automatically restored to full every time an endpoint (that uses the token) is called successfully.

With the authentication endpoints you can create, revoke, extend or query the remaining life of a session token.

• Use the GetSessionToken endpoint to get a new token (using your username and password).
• Use the RenewSessionToken endpoint to renew an existing token to full life.
• Use the RevokeSessionToken endpoint to revoke (cancel) a token.
• Use the SessionTokenExpires endpoint to query the remaining life of a token.

Once you have authenticated (and received a session token), you can use the session token with the metadata endpoints to locate all available datasources or the datasources to which your subscription provides access.

Session tokens are required to get both price data and ‘favorites’ metadata from the server. Please refer to the documentation for each individual endpoint in section 2.0 of this help file for more details.

All four authentication endpoints use no API tokens but are restricted to 3 requests per second each.
Please refer to section 8.2 for details on API rate limits.