API Authentication


The Dolby.io REST APIs require the use of a Bearer authorization header. You can obtain the Bearer Authorization token in JSON Web Token (JWT) format, by calling the Dolby.io Authentication API https://api.dolby.io/v1/auth/token using Basic Authentication with the App key and App secret from the Dolby.io dashboard.

The REST API authentication token also supports expiration customization to change the validity period of the API token.

The following diagram illustrates the scenarios where the customer may use the Authentication APIs.


REST authentication sequence

Common API token authentication

Dolby.io uses a common authentication mechanism for access control of all Dolby.io applications. The common authentication mechanism includes the following advantages:

  • Simpler integration of all Dolby.io APIs into an application.
  • Simpler management of App key and App secret application credentials in the Dolby.io dashboard.
  • Ability to delegate access to an application running on third-party services.

Generating an API token

Before generating an API token, you need credentials to create the token. You will get your new App key and App secret credentials from the Dolby.io developer dashboard.

Locating your App key and App secret

  1. Log into the Dolby.io developer dashboard.
  2. Click CREATE APP.
  3. In the Application Name box, enter your application name, and click CREATE.
  4. In the API Keys column, in the same row as your application, click API keys.
  5. Click Copy to copy your App key and App secret.

Note: The client access token generated from the dashboard will not work with Media APIs.

API Token authentication code examples

The following code examples show you how to call the Dolby.io Authentication API using your App key and App secret to get an API Token.

import requests
import json
import os
APP_KEY = os.environ['APP_KEY']
APP_SECRET = os.environ['APP_SECRET']
payload = { 'grant_type': 'client_credentials', 'expires_in': 1800 }
response = requests.post('https://api.dolby.io/v1/auth/token', data=payload, auth=requests.auth.HTTPBasicAuth(APP_KEY,APP_SECRET))
body = json.loads(response.content)
access_token = body['access_token']
import fetch from 'node-fetch';
const auth = Buffer.from(`${process.env.APP_KEY}:${process.env.APP_SECRET}`).toString('base64');
const response = await fetch('https://api.dolby.io/v1/auth/token', {
    method: 'POST',
    body: new URLSearchParams({
        grant_type: 'client_credentials',
        expires_in: 1800
    headers: {
        'Accept': 'application/json',
        'Content-Type': 'application/x-www-form-urlencoded',
        'Authorization': `Basic ${auth}`
const json = await response.json();
const access_token = json.access_token;
AUTH=$(echo $APP_KEY:$APP_SECRET | tr -d '\n' | base64)
curl -X POST  https://api.dolby.io/v1/auth/token -H "Authorization: Basic $AUTH" -H "Content-Type: application/x-www-form-urlencoded" -d 'grant_type=client_credentials&expires_in=1800'