Curiosity

Endpoint Tokens

Endpoint tokens are JWT Bearer tokens used to authorize calls to your custom endpoints from data connectors or external applications.

Creating an Endpoint Token

  1. Navigate to Manage > Tokens in your Curiosity Workspace.
  2. Click the + icon on the top right and select New Endpoint Token.
  3. Provide a Purpose for the token to help you identify it later.
  4. Specify the Endpoint Path or a partial path that this token is allowed to call.
    • Leave the path blank to allow the token to call all custom endpoints.
    • Use a prefix (e.g., analytics/) to allow the token to call any endpoint starting with that path.
  5. Click Create.
  6. Important: Copy the generated token value and store it securely. You will not be able to see it again after closing the dialog.

Using the Token

When calling your endpoint via a POST request, include the token in the Authorization header as a Bearer token.

Note that for restricted endpoints, the URL path should use the /api/endpoints/token/run/ prefix:

POST /api/endpoints/token/run/your-custom-path
Authorization: Bearer <YOUR_TOKEN>
Content-Type: application/json

{
    "data": "your-payload"
}

Restricting Access

Tokens should follow the principle of least privilege. If a token is only needed for a specific set of analytics endpoints, ensure you set the path restriction to that specific prefix (e.g., analytics/) rather than leaving it blank.

Referenced by

© 2026 Curiosity. All rights reserved.