Skip to main content

Bearer Token

All Client API routes require authentication via Bearer token in the Authorization HTTP header. 
Authorization: Bearer <your-token>

How to get your token

The access token is obtained through the PixUs Global platform’s Better Auth authentication flow. Contact support to get your API credentials.

Using the token

Include the Authorization header in all requests: 
curl -X GET "https://api.pixusglobal.com/client/quote?symbol=USDTBRL" \
  -H "Authorization: Bearer your-token-here"

Token resolution

The system resolves the token in the following order:
  1. Local cache — in-memory check for recent tokens
  2. Redis — distributed cache with 15-second TTL
  3. Database — full session validation via Better Auth

Authentication errors

CodeDescription
401Missing, invalid, or expired token
403Valid token, but no permission for the resource
401 Response
{
  "error": "Unauthorized",
  "message": "Invalid or expired token"
}

Best practices

  • Store the token securely (never in source code)
  • Renew the token before expiration
  • Use HTTPS for all requests (HTTP will be rejected)
  • Do not share tokens between environments (production/staging)