API Tokens

Caution

API tokens do not expire and will allow indefinite access to your Nuki Web account if compromised. We highly recommend using OAuth 2 to authorisze your API requests.

You can create an API Token from within Nuki Web. Head to the “API” menu and select “Generate API token”.

A form will appear, where you can provide a name for your API token, helping you to identify it later on. Select the relevant scopes for this token.

Once you have clicked “Save”, your API token will appear. You must copy this for use and store it somewhere securely.

Caution

You cannot obtain your API token again at a later date. You must copy and store it during the creation process. If you lose your API token or forgot to save it, you should delete that API token right away and create a new one.

You can use this API Token within the “Authorization” header of your request. The value should be “Bearer”, followed by a space, and then your bearer token.

Authorization: Bearer <BEARER_TOKEN>

Here is an example request using that bearer token:

curl --location 'https://api.nuki.io/smartlock/auth' --header 'Accept: */*' --header 'Authorization: <BEARER_TOKEN>'