How do I authenticate with JSON web tokens (JWT) instead of an API key?

Q. Why is Wowza Video transitioning from API keys to JWT for authentication?

A. JSON Web Tokens are more secure because:

  • The information is verifiable and trustworthy because it’s digitally signed.
  • This authentication method is more versatile.
  • It allows users to create System Access Tokens and Personal Access Tokens.
  • JSON Web Token (JWT) adheres to modern security standards.
  • JWT provides added security across all Wowza properties (instead of having a Cloud-only API Key).

JWT-based authentication is now available in the beta version (1.8) of the API. Although you'll be able to authenticate both ways while we transition (API keys or JWT), we encourage you to update your integrations to use JWT as soon as possible.

To authenticate with a JWT, you’ll need to do the following:

  1. Create a personal access token, which is the JWT, in the Token Management portal. For convenience, you can also access the portal from the Access Key page in Wowza Video. Once you are on the page that allows you to create and manage tokens, you will have the choice between a personal token or system tokens. The benefit of system tokens is that they enable you to assign different roles to members of your team.


  1. Once you have generated the token, use it in your REST API requests as a bearer token in an Authentication header.

We use environment variables in the curl API request examples for Wowza Video to make it easier for you to copy, paste, and run commands in your Terminal or Command Prompt window. The variable syntax differs according to your operating system.


You can set environment variables like this, depending on your operating system:

Linux or macOS:

export WV_JWT="your token here"
export WV_HOST=""
export WV_VERSION="v1.8"


set WV_JWT=your token here
set WV_HOST=
set WV_VERSION=v1.8

After setting values for the environment variables, you can copy and paste API request examples into your Terminal or Command Prompt. You'll still need to substitute resource IDs and update parameter values, where appropriate.

Sample Request:

curl -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <JWT>" \
-d '{
"transcoder": {
"billing_mode": "pay_as_you_go",
"broadcast_location": "us_west_california",
"buffer_size": 4000,
"delivery_method": "push",
"low_latency": true,
"name": "MyABRtranscoder",
"protocol": "rtsp",
"transcoder_type": "transcoded"
}' "${WSC_HOST}/api/beta/transcoders"

Using a GUI-based REST API client:

Once you’ve created your token, you can simply create a variable in Postman named “token” and add your token value to it. This will then allow you to create your REST API calls and begin managing your live streams.

Example POST request in a GUI-based API test application:



Please see this article for more information on how to use the Wowza Video REST API and JWT. 



Generate a personal access Token (JWT)

Full library of Wowza Video documentation