Authentication #

The Tracx Connect API uses token-based authentication with two types of tokens:

• Connect Token: Used to request a session token.
• Session Token: Required to access protected API endpoints.

Note: Session tokens expire after a set time and must be refreshed when expired.

Connect Token #

A connect token is required to generate a session token and defines the permissions of that session token.

For example, a connect token may allow generating session tokens that can list all events, but not add or update participants.

Obtaining a Connect Token #

To obtain a connect token, contact Tracx at:

team@tracx.events

All connect tokens can be managed via the Tracx Dashboard:

https://dashboard.tracx.events

Session Token #

A session token is required to access any protected endpoint in the Tracx Connect API.

Generate a Session Token #

To generate a session token, send a POST request with your connect token in the Authorization header.

Endpoint #

POST https://api.tracx.events/v1/connect/session-token

Headers #

{
  "Accept": "application/json",
  "Authorization": "<connect-token>"
}

Example cURL Request #

curl --request POST \
  --url https://api.tracx.events/v1/connect/session-token \
  --header 'Accept: application/json' \
  --header 'Authorization: <connect-token>'

Sample Response #

{
  "data": {
    "token": "json.web.token",
    "expires_at": 1741966278
  }
}

Response Fields #

Notes #

• Include the session token in the Authorization header for all subsequent API requests.
• The expires_at value is a UNIX timestamp in UTC.
• When the session token expires, you must generate a new session token using your connect token.

Security Best Practices #

• Store API tokens securely and never expose them in client-side code.
• Regenerate session tokens periodically to minimize security risks.
• Implement proper error handling and logging in your integration.