Overview
This documentation covers how to generate tokens required for embedding Cekura agents in your website or application.Base URL
Authentication Endpoint
Generate Agent Embed Token
Request Headers
| Header | Description |
|---|---|
| Content-Type | application/json |
Request Body
Parameters
api_key(string, required): Your unique API key for authenticationagent_id(integer, required): The unique identifier of the agent you want to embed
Response
A successful request will return both refresh and access tokens required for agent embedding.Success Response Example
Response Fields
refresh(string): JWT refresh token used to obtain new access tokens when they expireaccess(string): JWT access token used for embedding the agent
Error Responses
| Status Code | Description |
|---|---|
| 400 | Invalid request parameters |
| 401 | Invalid or missing API key |
| 403 | Unauthorized access |
| 500 | Internal server error |
Implementation Steps
- Obtain your API key from the Cekura dashboard
- Make a POST request to the token generation endpoint
- Store both the access and refresh tokens securely
- Use these tokens when implementing the agent embed widget
- Implement token refresh logic to maintain continuous agent functionality
Token Usage
- The access token is required when initializing the agent embed widget
- Access tokens expire after 24 hours (1 day)
- Access tokens have a limited lifetime and will need to be refreshed
- Use the refresh token to obtain new access tokens when they expire
Security Considerations
- Store your API key securely
- Use HTTPS for all API calls
- Never expose your API key or tokens in client-side code
- Implement proper error handling for failed token generation
- Store tokens securely and clear them when removing the agent embed