Skip to main content
Authentication using an access token is required to interact securely with the Lynx API. This guide provides an overview of generating and using access tokens and best practices for ensuring API security.

Access Token

An access token is a security credential used to authenticate API requests. Each request to the Lynx API must include a valid access token in the Authorization header.
Keep your Tokens SafeIt is important to avoid sharing your secret tokens in public places like GitHub or Bitbucket since it can allow malicious API calls.
Access tokens can be found through the Nayax Back Office (Nayax Core). Follow these steps to retrieve an access token:
  1. Log in to Nayax Core using your username and password.
  2. Navigate to Account Settings by clicking on your username at the top right corner, and selecting the Account Settings option.
  3. Access the Security and Login Tab.
  4. Navigate down to the User Tokens section.
  5. Click the Show Token button next to an existing token to show it, and copy the token for use in API calls.

Using the Token in API Requests

Include the access token in the Authorization header for each API request: 
curl -X GET "https://qa-lynx.nayax.com/operational/v1/devices" \
-H "Authorization: Bearer <YOUR_ACCESS_TOKEN>" \
-H "Content-Type: application/json"
  • Replace <YOUR_ACCESS_TOKEN> with your actual token retrieved from Nayax Core.
EnvironmentsAll examples in this documentation use the QA base URL: https://qa-lynx.nayax.com/operational. For production, replace the hostname with lynx.nayax.com.