Authentication

Authorization: ApiKey {jwt}

API Key authentication allows you to securely access the Bron API using cryptographic signatures. This method uses JSON Web Tokens (JWT) to ensure both authentication and request integrity.

What is JWT?

JSON Web Tokens (JWT) is an open standard for securely transmitting information between parties as a JSON object.A JWT consists of three parts separated by dots:

Part	Contents	Encoding
`Header`	Metadata about the key id, signing algorithm and etc.	base64-encoded JSON
`Payload`	Claims (data) you want to transmit	base64-encoded JSON
`Signature`	Signature of `base64url(header) + "." + base64url(payload)` using private key	binary → base64url

Example of the JWT:

eyJraWQiOiJCdWp0RjQwZlUyNXBGdlNabEdrQyIsImFsZyI6IkVTMjU2In0.eyJpYXQiOjE3NDkyMTI4NDQsIm1lc3NhZ2UiOiJhcnRlbS13YXMtaGVyZSJ9.NtTsKix0Fj6gXA9sSInfW9PRqO82RlLHyvY_ZKRkpof
BeUHU8gsDnHP7_OjUeoB4nYHhsps1RLWFjzkyaJCkwQ


`Header`	`eyJraWQiOiJCdWp0RjQwZlUyNXBGdlNabEdrQyIsImFsZyI6IkVTMjU2In0`
`Payload`	`eyJpYXQiOjE3NDkyMTI4NDQsIm1lc3NhZ2UiOiJhcnRlbS13YXMtaGVyZSJ9`
`Signature`	`NtTsKix0Fj6gXA9sSInfW9PRqO82RlLHyvY_ZKRkpofBeUHU8gsDnHP7_OjUeoB4nYHhsps1RLWFjzkyaJCkwQ`

Bron JWT Structure

Field	Description
`alg`	Signing algorithm
`kid`	Your API key identity ID from the Bron App

Step-by-Step Implementation

Prepare Your Credentials

Generate or upload your API Key in the Bron App and obtain your API Key ID
Save your private key securely
Use your API Key ID (kid) in the JWT header.

Create the Message String

Concatenate these values in order (no delimiters):

{iat}{HTTP_METHOD}{REQUEST_PATH}{REQUEST_BODY}

Components:


`iat`	Current timestamp in seconds (same value used in JWT payload)
`HTTP_METHOD`	HTTP method in uppercase (GET, POST, PUT, DELETE)
`REQUEST_PATH`	Full request path including query parameters (e.g. `/api/v1/users?limit=10`)
`REQUEST_BODY`	JSON string exactly as sent (or noting if none)

Example:

1749217170POST/workspaces/bron/transactions{"transactionType":"swap","params":{"amount":"1"}}

Generate SHA256 Hash

Compute SHA256 over the message string. In Node.js:

const crypto = require('crypto');
const message = `${iat}${method}${path}${bodyString}`;
const hash = crypto.createHash('sha256').update(message).digest('hex');

Store that hex string in the JWT payload under "message".

Sign the JWT

Create and sign the JWT using your private key

Examples

Request:

GET https://api.bron.org/workspaces/bron

JWT Header:

{
  "kid": "BujtF40fU25pFvSZlGkC",
  "alg": "ES256"
}


`Time`	`1749219350`
`Message`	`1749219350GET/workspaces/bron`
`SHA256 Hash`	`25e783b978eb059ef4ece027198e974a1ef7f00608f5033e101a1b956b6c8acd`

JWT Payload

{
  "iat": 1749214244,
  "message": "79ef16bde3537bda7c205d8a7de823c3e3b8832f207d3fe51348b13e1244e067"
}

Signed JWT:

eyJraWQiOiJCdWp0RjQwZlUyNXBGdlNabEdrQyIsImFsZyI6IkVTMjU2In0.eyJpYXQiOjE3NDkyMTkzNTAsIm1lc3NhZ2UiOiIyNWU3ODNiOTc4ZWIwNTllZjRlY2UwMjcxOThlOTc0YTFlZjdmMDA2MDhmNTAzM2UxMDFhMWI5NTZiNmM4YWNkIn0.lDtT1sD4JUsjaIczcpgiT8xAn8hZnnX_dg_ut8t8tsz-JWHGJBnwCMNs3OgFrR_77r3EDZCuoiB7W_FKPbNpsw

Authorization Header:

Authorization: ApiKey eyJraWQiOiJCdWp0RjQwZlUyNXBGdlNabEdrQyIsImFsZyI6IkVTMjU2In0.eyJpYXQiOjE3NDkyMTkzNTAsIm1lc3NhZ2UiOiIyNWU3ODNiOTc4ZWIwNTllZjRlY2UwMjcxOThlOTc0YTFlZjdmMDA2MDhmNTAzM2UxMDFhMWI5NTZiNmM4YWNkIn0.lDtT1sD4JUsjaIczcpgiT8xAn8hZnnX_dg_ut8t8tsz-JWHGJBnwCMNs3OgFrR_77r3EDZCuoiB7W_FKPbNpsw

API Documentation

Bron API SDK

assets

workspaces

accounts

address-book

addresses

balances

intents

stake

transaction-limits

transactions

Bron JWT Structure

Step-by-Step Implementation

Examples

API Documentation

Bron API SDK

assets

workspaces

accounts

address-book

addresses

balances

intents

stake

transaction-limits

transactions

​Bron JWT Structure

​Step-by-Step Implementation

​Examples

Bron JWT Structure

Step-by-Step Implementation

Examples