Authentication
Securely authenticate your API requests using API Keys or JWT Tokens.
Authentication Methods
Meeva supports two primary methods for authentication. Choose based on your use case:
API Keys
Recommended for backends
Server-side scripts, backend integrations, and automated processes.
JWT Tokens
For user sessions
User authentication, frontend apps, and session-based access control.
Using API Keys
API keys are the simplest way to authenticate. Send your key in the Authorization header.
Header Format:
curl https://meeva.app/v1/event-types \
-H "Authorization: ApiKey mk_live_abc123..."- • Never expose API keys in client-side code (browsers, mobile apps)
- • Store keys in environment variables, not in code
- • If a key is compromised, revoke it immediately in your dashboard
- • Use separate keys for development and production
Using JWT Tokens
For user-level operations, obtain a JWT token by authenticating with user credentials.
Step 1: Obtain a Token
Call the login endpoint with user credentials to receive a JWT token:
curl -X POST https://meeva.app/v1/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "your-password"
}'Step 2: Use the Token
Include the token in the Authorization header with the Bearer scheme:
curl https://meeva.app/v1/users/me \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."Error Handling
When authentication fails, the API returns a 401 Unauthorized response.
{
"code": "UNAUTHORIZED",
"message": "Invalid API key provided"
}Common authentication errors:
UNAUTHORIZEDInvalid or missing API key / tokenTOKEN_EXPIREDJWT token has expired, refresh requiredKEY_REVOKEDAPI key has been revoked in dashboard