Authentication Lifecycle
DalySDK uses workspace + user API keys to obtain a JWT from DalyAPI.
Token Acquisition
On first authenticated request, the SDK calls:
with payload:
{
"workspace_id": "WORKSPACE_API_KEY",
"user_id": "USER_API_KEY"
}
Token Caching and Refresh
AuthManager caches:
- token value
- token expiry timestamp
Refresh is triggered when token is missing or within 1 hour of expiry.
401 Retry Behavior
For API requests:
- SDK sends request with current token.
- If response is
401, SDK invalidates token.
- SDK refreshes token and retries once.
- If retry still fails,
AuthenticationError is raised.
Failure Modes
AuthenticationError is raised for:
- Invalid API keys (
401 from auth endpoint)
- Non-200 auth responses
- Network errors reaching auth endpoint
- Missing token field in auth response
Workspace and user API keys are root credentials for token exchange. Keep them in secure secret storage.
