Skip to main content

Overview

The Strata API uses JWT tokens to authenticate requests. Create an RSA key pair in the Strata Dashboard which provides a private key that can be used to generate signed JWT tokens. All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

Generating signed JWT tokens

1. Create a signing key in the Strata dashboard

In the Strata dashboard, navigate to the Settings page by selecting Settings in the sidebar. Click Generate New Keypair to get a new signing key. Save the private key somewhere secure. You will not be able to see it again.

2. Generate signed user JWT tokens

Generate a JWT token. Use the following header:
  • alg: The algorithm used to sign the JWT. Strata only supports RS256.
  • typ: The type of token. Must be JWT.
{
  "alg": "RS256",
  "typ": "JWT"
}
And the following claims:
  • sub: The JWT subject. For the Sync API this is your Strata project ID.
  • iat: The JWT issued at timestamp in seconds since the Unix epoch. Typically the current time.
  • exp: The JWT expiration timestamp in seconds since the Unix epoch (must be later than the iat claim).
{
  "sub": "<project_id>",
  "iat": 1749602274,
  "exp": 1749602290
}
Here is a sample Node.js implementation: 
/**
 * Generate a JWT token for the Strata Sync API
 */
import jwt from "jsonwebtoken";
import dotenv from "dotenv";

dotenv.config();

const currentTime = Math.floor(Date.now() / 1000);

const payload: jwt.JwtPayload = {
  sub: "<project_id>",
  iat: currentTime,
};

const privateKey = process.env.PRIVATE_KEY;
if (!privateKey) {
  throw new Error("PRIVATE_KEY is not set");
}

const token = jwt.sign(payload, privateKey, {
  algorithm: "RS256",
  expiresIn: "1h",
});

3. Use the signed JWT token to make an API request

curl -X GET "https://api.connectstrata.com/projects/<project_id>/events/gong/calls" \
  -H "Authorization: Bearer <project_jwt_token>" \
  -H "Content-Type: application/json"