Overview
The AxiomTradeAPI client provides three core authentication attributes that work together to manage your API access securely. Understanding these attributes is essential for building robust trading applications with proper session management.
| Attribute | Type | Description |
|---|---|---|
access_token | str (property) | Current JWT access token for API requests |
auth | AuthManager | Legacy alias for auth_manager (backward compatibility) |
auth_manager | AuthManager | Complete authentication manager with auto-refresh |
Authentication Flow
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ AxiomTradeClient โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ โ
โ access_token โโโบ Read-only property โ
โ โ Returns current token โ
โ โ โ
โ auth โโโโโโโโโโโบ Legacy alias โ
โ โ Points to auth_manager โ
โ โ โ
โ auth_manager โโโบ Full auth system โ
โ โ โโ Token storage โ
โ โ โโ Auto-refresh โ
โ โ โโ Session management โ
โ โ โโ Secure encryption โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
access_token
Property Type
python
@property\ndef access_token(self) -> Optional[str]Returns: str if authenticated, None if not authenticated
access_token is a read-only property that returns the current JWT (JSON Web Token) used to authenticate API requests. This token is automatically managed by the auth_manager and should not be modified directly.
Token Characteristics
- Short-lived: Tokens typically expire after 15-60 minutes
- Auto-refresh: Automatically refreshed when expired
- JWT Format: Contains user identity and permissions
- Secure: Should be kept confidential and never shared
Basic Usage Example
python
from axiomtradeapi import AxiomTradeClient
# Initialize and login
client = AxiomTradeClient()
client.login("your_email@example.com", "your_password")
# Access the token (read-only)
current_token = client.access_token
if current_token:
print(f"โ
Authenticated with token: {current_token[:50]}...")
print(f" Token length: {len(current_token)} characters")
else:
print("โ Not authenticated")Read-Only Property
You cannot set access_token directly. Use set_tokens() method instead:
python
# โ WRONG - This will fail
client.access_token = "new_token"
# โ
CORRECT - Use set_tokens()
client.set_tokens(
access_token="your_access_token",
refresh_token="your_refresh_token"
)Security Warning
Never log or expose the full token in production code. Only log partial tokens for debugging:
python
# โ
SAFE - Only show first 20 characters
print(f"Token: {client.access_token[:20]}...")
# โ UNSAFE - Exposes full token
print(f"Token: {client.access_token}") # Don't do this!auth_manager
auth_manager is the complete authentication management system that handles everything from login to automatic token refresh. It's your primary interface for authentication operations.
Login & Logout
Full authentication lifecycle management
Auto-Refresh
Automatic token refresh before expiration
Secure Storage
Encrypted token persistence
Security
Cookie management and encryption
Core Methods
| Method | Description |
|---|---|
authenticate() | Perform full authentication (login) |
ensure_valid_authentication() | Check and refresh token if needed |
make_authenticated_request() | Make API request with auth headers |
refresh_tokens() | Manually refresh tokens |
logout() | Clear authentication and delete saved tokens |
Usage Example
python
from axiomtradeapi import AxiomTradeClient
client = AxiomTradeClient()
# 1. Ensure authentication is valid
if client.auth_manager.ensure_valid_authentication():
print("โ
Authenticated and token is valid")
else:
print("โ Authentication failed")
# 2. Manually refresh tokens if needed
if client.auth_manager.tokens and client.auth_manager.tokens.needs_refresh:
client.auth_manager.refresh_tokens()
print("๐ Tokens refreshed")
# 3. Make authenticated request
response = client.auth_manager.make_authenticated_request(
method='GET',
url='https://axiom.trade/api/endpoint',
params={'key': 'value'}
)
# 4. Logout when done
client.auth_manager.logout()
print("๐ Logged out and tokens cleared")auth (Legacy)
Backward Compatibility Only
The auth attribute is a legacy alias for auth_manager. Use auth_manager for new code.
python
from axiomtradeapi import AxiomTradeClient
client = AxiomTradeClient()
# Both of these are identical:
auth_manager_1 = client.auth # Legacy way
auth_manager_2 = client.auth_manager # Modern way
# They point to the same object
assert auth_manager_1 is auth_manager_2 # True
# โ
RECOMMENDED (Modern)
client.auth_manager.ensure_valid_authentication()
# โ ๏ธ LEGACY (Still works, but use auth_manager instead)
client.auth.ensure_valid_authentication()Quick Start
Method 1: Login with Credentials
python
from axiomtradeapi import AxiomTradeClient
# Initialize with credentials
client = AxiomTradeClient(
username="your_email@example.com",
password="your_password"
)
# Login automatically happens on first API call
balance = client.GetBalance("wallet_address")
# Or manually trigger login
client.login()Method 2: Use Existing Tokens
python
from axiomtradeapi import AxiomTradeClient
import os
# Load tokens from environment variables
access_token = os.getenv('AXIOM_ACCESS_TOKEN')
refresh_token = os.getenv('AXIOM_REFRESH_TOKEN')
# Initialize with tokens
client = AxiomTradeClient(
auth_token=access_token,
refresh_token=refresh_token
)
# Check token
print(f"Token: {client.access_token[:20]}...")Method 3: Automatic Token Storage
python
from axiomtradeapi import AxiomTradeClient
# First time - login and save tokens
client = AxiomTradeClient(
username="email@example.com",
password="password",
use_saved_tokens=True # Enable automatic storage (default)
)
client.login()
# Later - tokens automatically loaded
client2 = AxiomTradeClient(use_saved_tokens=True)
# No login needed! Tokens loaded from secure storage
print(f"Auto-loaded token: {client2.access_token[:20]}...")Best Practices
DO
- โUse environment variables for credentials
- โEnable automatic token storage
- โCheck authentication before critical operations
- โHandle token refresh gracefully
- โLog only partial tokens for debugging
- โClear tokens on logout
DON'T
- โCommit tokens to version control
- โShare or expose full tokens
- โHardcode credentials in code
- โUse expired tokens
- โSkip authentication validation
- โIgnore token refresh errors
Environment Variables Example
python
from axiomtradeapi import AxiomTradeClient
import os
from dotenv import load_dotenv
# Load from .env file
load_dotenv()
# โ
GOOD - Credentials from environment
client = AxiomTradeClient(
username=os.getenv('AXIOM_EMAIL'),
password=os.getenv('AXIOM_PASSWORD')
)
# โ BAD - Hardcoded credentials
# client = AxiomTradeClient(
# username="myemail@example.com",
# password="mypassword123"
# )Security Guidelines
๐ Secure Storage
python
# Use encrypted storage (automatic)
client = AxiomTradeClient(
use_saved_tokens=True
)๐ Token Rotation
python
# Tokens auto-refresh
# Manual refresh if needed
client.auth_manager.refresh_tokens()๐งน Clean Logout
python
# Clears tokens and deletes files
client.auth_manager.logout()โ Validation
python
# Always validate before use
if client.auth_manager.ensure_valid_authentication():
# Safe to proceed
passโ ๏ธ Never Commit Tokens
Add these to your .gitignore:
bash
.env
tokens.enc
key.enc
*.token
__pycache__/
.axiomtrade/Troubleshooting
Issue: access_token is None
Cause: Client not authenticated
Solution:
python
client = AxiomTradeClient()
if client.access_token is None:
print("Not authenticated, logging in...")
client.login("email@example.com", "password")Issue: Token expired errors
Cause: Token expired and auto-refresh failed
Solution:
python
# Force token validation
if not client.auth_manager.ensure_valid_authentication():
print("Re-authenticating...")
client.login()Issue: Tokens not persisting
Cause: Token storage disabled
Solution:
python
# Enable automatic storage
client = AxiomTradeClient(
use_saved_tokens=True # Make sure this is True
)
# Verify storage
if client.auth_manager.token_storage.has_saved_tokens():
print("โ
Token storage working")
else:
print("โ No tokens saved")Need More Help?
Our support team and community are here to help you with authentication issues
Related Documentation
Build Secure Trading Applications
Need help implementing secure authentication in your trading bot? Our experts can help.