Authentication
Authentication with Meridian
Every request to the Meridian API must include an Authorization header carrying a Bearer token.
Header format
Authorization: Bearer nim_live_***
The Bearer prefix is required. Tokens are opaque strings prefixed with nim_live_ for production or nim_test_ for sandbox environments.
Example request
curl https://api.meridian.dev/v1/verify \
-H "Authorization: Bearer nim_live_01J..." \
-H "Content-Type: application/json"Managing tokens
API keys are provisioned through the dashboard settings page. Rotate keys regularly and never expose them in client-side code or version control.
Error responses
401 — Missing Authorization header
Returned when no Authorization header is present.
401 — Invalid token
The Bearer token is malformed, expired, or has been revoked.
403 — Insufficient scope
The token lacks the required permissions for the requested endpoint.