# Authentication

LeapAI CXR uses JWT (JSON Web Token) based authentication to secure all inference endpoints.

# How It Works

Upon installation, your integration team will be provided with a pre-generated JWT token. This token is used to authenticate all API requests to the inference endpoints.

You do not need to call any login or token-generation endpoint. The token is issued to you as part of the onboarding process after LeapAI CXR is installed.

# Using the Token

Include the token in the Authorization header for all inference endpoints (/single_inference and /bulk_inference):

Authorization: <your_jwt_token>

Important

Do not prefix the token with Bearer. Pass the raw JWT string directly in the Authorization header.

# Example

curl -X POST http://<server-ip>:8500/single_inference \
  -H "Content-Type: application/json" \
  -H "Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -d '{
    "input_image_path": "/path/to/image.dcm",
    "output_folder_path": "/path/to/output/"
  }'

# Authentication Error Responses

If the token is missing, expired, or invalid, the API will return one of the following errors:

HTTP Status	Message	Cause
`401`	`Token missing`	No `Authorization` header provided
`401`	`Token expired`	JWT token has expired
`401`	`Invalid token`	Malformed or tampered JWT token