Authentication - Share Of Model

Share Of Model exposes three authentication schemes. Most integrations only ever need the first two.

Bearer JWT

The default for every Core API and Search Module endpoint. Pass a short-lived JSON Web Token in the Authorization header:

Authorization: Bearer <ACCESS_TOKEN>

Tokens expire — when they do, the API returns 401. Request a new one through the API key exchange below or the refresh endpoint in the API Reference.

API keys

Long-lived secrets you generate from the console. Three scopes are available:

User key — acts on behalf of a user across their organizations.
Organization key — scoped to one organization.
Workspace key — scoped to one workspace; safest for backend integrations.

Exchange a key for a JWT:

curl -X POST https://api.shareofmodel.ai/v1/auth/token \
  -H "Content-Type: application/json" \
  -d '{"api_key": "<YOUR_API_KEY>"}'

Store the API key as a server-side secret. Never ship it to a browser.

OAuth 2.0

Used only when connecting external Platform Accounts (Google Ads, TikTok). The flow runs through the console UI; you do not call the OAuth endpoints directly. See the Platform Integrations group in the API Reference for the resulting resources.

​Bearer JWT

​API keys

​OAuth 2.0

Bearer JWT

API keys

OAuth 2.0