Hi I’m trying to make some API calls to sophos central and I have a little problem in understanding the JWT Token. When I do all the steps for my tenant described here https://developer.sophos.com/getting-started-tenant I get a JWT and can make API calls. But after 60 minutes the JWT is expired so I have to repeat all the steps.
My goal is to implement these API calls in a monitoring software so that I can automate the calls. Should I use other authentication methods?
Thanks
Hi Stefano,
No, the JWT expires as per best practice. We do provide the expiry time in the token so you know when you need to renew.
For myself, my API calls all have a check at the beginning if the JWT…