Skip to main content

Authentication

Before using the Moveo One APIs or SDKs, each request must be authenticated using your organization token.
This ensures that all analytic events, models, and configurations are correctly associated with your workspace.

Overview

Moveo One uses token-based authentication for both SDK initialization and server-to-server API access.
You’ll receive a unique token when you create an organization or project in the Moveo One dashboard.

And you can always find it in Settings under Account -> Integrations Moveo dashboard validation screenshot

There are two main authentication flows:

  1. Client SDK initialization – used in your app (web, iOS, Android, Flutter) to identify the session.
  2. Server API authentication – used to push or fetch data securely from your backend.

1. SDK Authentication (Client-side)

When initializing the SDK, you must pass your Moveo One token.
The SDK automatically handles session generation and event signing.

<script src="https://moveoonestorage.blob.core.windows.net/000-scripts/moveo-one-script.min.js"></script>
<script>
  const moveo = MoveoOne.init('YOUR_TOKEN_HERE');
</script>

Best practice: Store your token in a secure configuration file or environment variable — never hardcode it into public repositories.

2. Server-to-Server Authentication

If you need to send events, retrieve predictions, or manage models from your backend, include the token as a Bearer header:

curl -X POST https://api.moveo.one/v1/events \
  -H "Authorization: Bearer YOUR_TOKEN_HERE" \
  -H "Content-Type: application/json" \
  -d '{
        "event": "checkout_start",
        "userId": "12345",
        "timestamp": "2025-10-09T10:00:00Z"
      }'

Token Lifecycle and Rotation

  • Tokens are long-lived but can be revoked at any time from the Moveo One dashboard.
  • For production environments, create separate tokens per environment (dev / staging / prod).

Manage token

Manage your token on the following link: https://app.moveo.one/integrations