Welcome to the Quote3D Documentation!
Quote3D LogoQuote3DDocumentation

Authentication

Quote3D secures API endpoints with API tokens. Start external requests with https://api.quote3d.com/v2 and send the same token either as Authorization: Bearer YOUR_TOKEN_HERE or as X-API-Token: YOUR_TOKEN_HERE.

How Authentication Works

  1. Register and log in to your Quote3D account.
  2. Generate an API token from your dashboard under the "Tokens" tab.
  3. Include the token in your API requests. Authorization: Bearer is supported, and X-API-Token is also accepted:
    Authorization: Bearer YOUR_TOKEN_HERE
  4. The server verifies your token and grants access if it is valid and unexpired.

Token Format

Quote3D tokens are bearer-style API credentials. Clients should treat them as opaque secrets and avoid depending on the token's internal structure.

A JWT consists of three parts:

  1. Header: Specifies the signing algorithm and token type.
  2. Payload: Contains user data and claims (like user ID, email, and expiration time).
  3. Signature: Verifies that the token has not been tampered with.

A token may look like this:

<base64url-encoded header>.<base64url-encoded payload>.<base64url-encoded signature>

For integrations, the important rule is simple: store the token securely, send it on each request, and avoid parsing or exposing it in client code unless the integration explicitly requires a client-side token.

Example: Using Your Token

Here is how you might use your token with curl. Use one authentication header style consistently:

curl -H "Authorization: Bearer YOUR_TOKEN_HERE" https://api.quote3d.com/v2/user

Or in the API playground, paste your token into the authorization modal (lock icon) to authenticate your session. You can also use X-API-Token in custom integrations if that header fits better.

Keep your token secret! Treat it like a password—never share it or expose it in public code repositories.