Obtain Tokens

All calls to the Unfolded API must be authenticated with an Unfolded JWT access token. Each access token is tied to a user account and ensures that you are allowed to access the specific resources and services that you have access to (and also ensures that other users are prevented from doing so).

Access Token

You can get an access token at:

An access token allows API calls to access the same resources (maps, datasets, etc) that your user account is allowed to access in our application. The token will expire after a given time period, and you will need to visit this page again to get a new one. This token should be kept safe, as it will allow anyone who has it access to your data until it expires.

Refresh Token

A refresh token is a special kind of token used to acquire an access token. Unfolded uses refresh token rotation, which means that each time you use a refresh token, a new refresh token will be included in the response and the old token will be invalidated. This rotation reduces the risk of a compromised refresh token, but it means the caller is responsible for managing new refresh tokens as they are issued.

You can get a refresh token at:

Use Tokens

If you are using the REST API, you need to provide the access token in each request.

If you are using a language specific binding, authentication with a refresh token only needs to be done once

from unfolded.data_sdk import DataSDK
data_sdk = DataSDK(refresh_token='v1.ABC...')
uf-data-sdk store-refresh-token
curl -X POST
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: text/csv'
--data-binary '@/path/to/my_dataset.csv'







Your refresh token retrieved from

Authentication Errors

API calls that are unauthorized, do not include a token, include an expired or malformed token, etc., will return an appropriate error in the response.

Did this page help you?