Control API

The Control API allows clients to manage and query a cluster. Only routes prefixed with versions (e.g. '/v1') are exposed to the public internet. All endpoints require authentication.

JWT Authentication

All requests must include Header Authorization with value Bearer <token>.

The token is JSON Web Token (JWT) signed using 512 bit or 64 char shared secret (HMAC512 algo). MetaRouter provides this secret after cluster creation.

Required claims:

  1. 'wky' (string) for the write key.
  2. 'exp' (integer) for expiration.

The claim exp must be a unix timestamp in seconds. See:

See for more info.



  "wky": "test",
  "exp": 1516239022

Example Header with above claims.

Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJ3a3kiOiJ0ZXN0IiwiZXhwIjoxNTE2MjM5MDIyfQ.wv0sjOxzRdn8rdNJa-hWDqXc1VjovEORN6kHxMhRlftaqD9cghV9guVZH2_C7eizf8iAyAh7Oc8-EyqqgePX0w