Production Authentication

Production authentication differs from sandbox with additional security.

Differences from Sandbox

Feature	Sandbox	Production
mTLS	Optional	Required
IP Whitelist	Optional	Required
Token Lifetime	10,000s	3,600s
Rate Limits	Relaxed	Strict

mTLS Setup

Generate CSR (Certificate Signing Request)
Submit CSR to FinHub
Receive signed certificate
Install certificate in your application

Authentication Request

curl -X POST "https://gateway.finhub.cloud/oauth/token" \
  --cert client.crt \
  --key client.key \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "client_credentials",
    "client_id": "YOUR_PROD_CLIENT_ID",
    "client_secret": "YOUR_PROD_CLIENT_SECRET"
  }'

Token Management

Tokens expire after 1 hour
Implement proactive refresh (at 80% lifetime)
Cache tokens appropriately
Handle 401 errors with re-authentication

Production Setup Monitoring

⌘I

Client Categories

Product Suite

Service Models

CoreX Service Model

API Service Model

Hybrid Service Model

Production Auth

Production Authentication

Differences from Sandbox

mTLS Setup

Authentication Request

Token Management

Client Categories

Product Suite

Service Models

CoreX Service Model

API Service Model

Hybrid Service Model

​Production Authentication

​Differences from Sandbox

​mTLS Setup

​Authentication Request

​Token Management

Production Authentication

Differences from Sandbox

mTLS Setup

Authentication Request

Token Management