--- title: "DWS Viewer API backend authentication" canonical_url: "https://www.nutrient.io/guides/dws-viewer/developer-guides/backend-authentication/" md_url: "https://www.nutrient.io/guides/dws-viewer/developer-guides/backend-authentication.md" last_updated: "2026-05-25T18:42:17.747Z" description: "Learn how to authenticate your backend services with DWS Viewer API using API keys or JSON Web Tokens (JWTs)." --- # DWS Viewer API backend authentication Requests to the DWS Viewer API are protected by a secret API key. ## API key authentication The API key for your DWS Viewer API application can be retrieved from the [dashboard](https://www.nutrient.io/guides/dws-viewer/getting-started.md). Because the API allows full access to data stored in your DWS Viewer API application, it’s only meant to be used by your backend services, which we assume are fully trusted. To view documents from DWS Viewer API in the browser using Nutrient Web SDK, you’ll need to use [session tokens](https://www.nutrient.io/guides/dws-viewer/developer-guides/generate-a-session-token.md) that can be handed out to users. ### Using the API key Each API request needs to be authenticated by providing the `Authorization: Bearer your_api_key_here` header: ### Shell ```shell curl -X POST https://api.nutrient.io/viewer/documents \ -H "Authorization: Bearer your_api_key_here" \ -H "Content-Type: application/pdf" \ --fail \ -F file=@document.pdf ``` ### Shell (Windows) ```powershell curl -X POST https://api.nutrient.io/viewer/documents ^ -H "Authorization: Bearer your_api_key_here" ^ -H "Content-Type: application/pdf" ^ --fail ^ -F file=@document.pdf ``` ### HTTP ```http POST https://api.nutrient.io/viewer/documents HTTP/1.1 Content-Type: multipart/form-data; boundary=--customboundary Authorization: Bearer your_api_key_hereContent-Type: application/pdf --customboundary Content-Disposition: form-data; name="file"; filename="document.pdf" Content-Type: application/pdf (file data) --customboundary-- ``` ## JSON Web Token (JWT) authentication API key authentication falls short when you require more granular control over the permissions of the client making the request. In such cases, you can use JWT-based authentication via API access tokens. ### Creating an API access token To authenticate, you need to generate an API access token using the API key via the [`POST /viewer/tokens`](https://www.nutrient.io/api/reference/viewer/public/#tag/Authorization/operation/generate-session-token) endpoint: ### Shell ```shell curl -X POST https://api.nutrient.io/viewer/tokens \ -H "Content-Type: application/json" \ -H "Authorization: Bearer your_api_key_here" \ --fail \ -d '{ "allowed_documents": [ { "document_id": "", "document_permissions": [ "read", "write", "download" ] } ], "exp": 1793769299 }' ``` ### Shell (Windows) ```powershell curl -X POST https://api.nutrient.io/viewer/tokens ^ -H "Content-Type: application/json" ^ -H "Authorization: Bearer your_api_key_here" ^ --fail ^ -d "{\"allowed_documents\": [{\"document_id\": \"\", \"document_permissions\": [\"read\", \"write\", \"download\"]}], \"exp\": 1793769299}" ``` ### HTTP ```http POST https://api.nutrient.io/viewer/tokens HTTP/1.1 Content-Type: application/json Authorization: Bearer your_api_key_here { "allowed_documents": [ { "document_id": "", "document_permissions": [ "read", "write", "download" ] } ], "exp": 1793769299 } ``` You can then retrieve the JWT from the response: ```json { "jwt": "" } ``` > API access tokens can be created with additional optional claims to further control their properties. Refer to our [API reference](https://www.nutrient.io/api/reference/viewer/public/#tag/Authorization/operation/generate-session-token) to learn more. ### Using an API access token API requests need to be authenticated by providing the `Authorization: Bearer your_jwt_goes_here` header: #### Upload a document ### Shell ```shell curl -X POST https://api.nutrient.io/viewer/documents \ -H "Accept: application/json" \ -H "Authorization: Bearer your_jwt_goes_here" \ -H "Content-Type: application/pdf" \ --fail \ -F file=@document.pdf ``` ### Shell (Windows) ```powershell curl -X POST https://api.nutrient.io/viewer/documents ^ -H "Accept: application/json" ^ -H "Authorization: Bearer your_jwt_goes_here" ^ -H "Content-Type: application/pdf" ^ --fail ^ -F file=@document.pdf ``` ### HTTP ```http POST https://api.nutrient.io/viewer/documents HTTP/1.1 Content-Type: multipart/form-data; boundary=--customboundary Accept: application/jsonAuthorization: Bearer your_jwt_goes_hereContent-Type: application/pdf --customboundary Content-Disposition: form-data; name="file"; filename="document.pdf" Content-Type: application/pdf (file data) --customboundary-- ``` #### Getting documents ### Shell ```shell curl -X GET https://api.nutrient.io/viewer/documents \ -H "Accept: application/json" \ -H "Authorization: Bearer your_jwt_goes_here" \ --fail ``` ### Shell (Windows) ```powershell curl -X GET https://api.nutrient.io/viewer/documents ^ -H "Accept: application/json" ^ -H "Authorization: Bearer your_jwt_goes_here" ^ --fail ``` ### HTTP ```http GET https://api.nutrient.io/viewer/documents HTTP/1.1 Content-Type: multipart/form-data; boundary=--customboundary Accept: application/jsonAuthorization: Bearer your_jwt_goes_here --customboundary-- ``` --- ## Related pages - [Architecture of DWS Viewer API integration](/guides/dws-viewer/developer-guides/architecture.md) - [Generate a session token](/guides/dws-viewer/developer-guides/generate-a-session-token.md) - [DWS Viewer API developer guides](/guides/dws-viewer/developer-guides.md) - [Dashboard](/guides/dws-viewer/developer-guides/dashboard.md) - [Deployment options](/guides/dws-viewer/developer-guides/deployment-options.md) - [Open a document in Web SDK](/guides/dws-viewer/developer-guides/open-a-document-in-web.md) - [DWS Viewer API client authentication flow](/guides/dws-viewer/developer-guides/client-authentication-flow.md) - [Upload documents](/guides/dws-viewer/developer-guides/upload-documents.md) - [Integrate DWS Viewer API with your own backend](/guides/dws-viewer/developer-guides/use-with-your-backend.md)