Authorization
100ms
Prerequisites
To authenticate Nexla with the 100ms API, you need a Management Token — a server-side JWT (JSON Web Token) that 100ms uses to authorize all REST API calls. The Management Token is distinct from the client-side App Token used by 100ms SDKs; it is intended exclusively for server-to-server communication and must never be exposed in client-side code.
Obtain Your 100ms App Access Key and App Secret
The Management Token is generated by signing a JWT payload using your App Access Key and App Secret, both of which are available in the 100ms Dashboard.
-
Log in to your 100ms Dashboard at dashboard.100ms.live.
-
Navigate to the Developer section in the left-hand navigation menu.
-
Locate your App Access Key and App Secret in the Developer section. These credentials uniquely identify your 100ms workspace and are required to generate a Management Token.
The App Access Key and App Secret are sensitive credentials. Each workspace has a unique set of credentials, so ensure you are viewing the correct workspace before copying these values. Do not expose them in client-side code or public repositories.
Generate a Management Token
The Management Token is a signed JWT that must be created server-side using your App Access Key and App Secret. 100ms provides two options for obtaining a Management Token:
Option A: Use the Pre-Generated Token from the Dashboard (for testing)
-
In the Developer section of your 100ms Dashboard, locate the Management Token field.
-
Copy the displayed token. This pre-generated token has a default validity of 7 days and can be used immediately for testing with Nexla.
Pre-generated tokens from the dashboard are intended for development and testing purposes. For production use, 100ms recommends generating tokens programmatically on your own server so that you can control token validity and avoid long-lived, static tokens.
Option B: Generate a Token Programmatically (recommended for production)
100ms provides code examples in Node.js, Python, Java, Go, PHP, and Ruby for generating Management Tokens. Tokens can be generated with a custom validity period up to a maximum of 14 days. For complete implementation details and code samples, refer to the 100ms Authentication and Tokens documentation.
Create a 100ms Credential
- To create a new 100ms credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
Credential Name & Description
-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.
API Key Authentication
100ms authenticates REST API calls by requiring a Management Token as a Bearer token in the Authorization request header. Nexla handles this header automatically once you provide the token below.
-
Enter your 100ms Management Token in the API Key Value field. This is the server-side JWT you obtained or generated in the Prerequisites section above. Nexla will automatically include this token as
Bearer <token>in theAuthorizationheader of every API request made to the 100ms API.The value entered here must be your server-side Management Token — not the App Access Key or App Secret themselves, and not the client-side App Token used by 100ms browser or mobile SDKs. If your Management Token expires (default validity is 7 days, maximum is 14 days), generate a new token and update this credential to maintain uninterrupted access.
Save the Credential
-
Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.
-
The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.