Authentication

Gravity utilizes API Keys and access tokens for request authentication. To obtain a new API Key, navigate to your Settings page on the Gravity portal.

API keys are specific to each correspondent and must be stored securely. Ensure you do not expose your secret API keys in public places (like Github or client-side code).

Access tokens are acquired dynamically through the token endpoint. These tokens remain valid for 24 hours from creation but can be revoked earlier. In the event of an Unauthorized error, your application should automatically request a new access token and retry the operation.