Embed Tokens API

Manage tokens for securely embedding widgets on external websites

Overview

Embed tokens provide secure access to the EventNerds public embed API for displaying event widgets (schedules, speakers, sessions) on external websites. Unlike API keys, which are for server-to-server communication, embed tokens are designed for client-side use in embedded widgets.

Security model

  • One-time visibility: The full token is only returned once at creation
  • Domain restrictions: Tokens can be restricted to specific origins
  • Soft delete: Revoked tokens cannot be restored
  • Usage tracking: Each token tracks usage count and last used time

Endpoints

List embed tokens

GET /embed-tokens

Get a paginated list of embed tokens for your account. The full token value is never returned - only the prefix is shown for identification.

Query parameters

Parameter | Type | Required | Description
event_id | UUID | No | Filter by event ID
page | Integer | No | Page number (default: 1)
limit | Integer | No | Items per page (default: 50)

Example request

curl -X GET "https://eventnerds.com/api/developer/v1/embed-tokens?event_id=EVENT_ID" \
  -H "Authorization: Bearer YOUR_API_KEY"

Create embed token

POST /embed-tokens

Create a new embed token. The full token is only returned in this response - store it securely as it cannot be retrieved again.

Request body

Field | Type | Required | Description
eventId | UUID | Yes | Event this token provides access to
name | String | Yes | Friendly name (1-100 characters)
allowedOrigins | String[] | No | URLs where token can be used
expiresAt | ISO 8601 | No | Token expiration date

Example request

curl -X POST "https://eventnerds.com/api/developer/v1/embed-tokens" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "eventId": "EVENT_ID",
    "name": "Production Website",
    "allowedOrigins": ["https://example.com", "https://www.example.com"]
  }'

Example response

{
  "success": true,
  "data": {
    "id": "token-uuid",
    "event_id": "event-uuid",
    "name": "Production Website",
    "prefix": "emb_abc123...",
    "token": "emb_abc123def456ghi789...",
    "is_active": true,
    "allowed_origins": ["https://example.com"],
    "created_at": "2025-01-15T10:00:00Z",
    "expires_at": null
  }
}

Important

The token field is only returned at creation. Store it securely - it cannot be retrieved again.

Update embed token

PATCH /embed-tokens/{id}

Update an embed token's settings. The token value itself cannot be changed.

Request body

Field | Type | Description
name | String | New friendly name
allowedOrigins | String[] | New allowed origins list
isActive | Boolean | Enable or disable the token

Example request

curl -X PATCH "https://eventnerds.com/api/developer/v1/embed-tokens/TOKEN_ID" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Updated Name",
    "allowedOrigins": ["https://newdomain.com"],
    "isActive": false
  }'

Revoke embed token

DELETE /embed-tokens/{id}

Revoke an embed token. This is a soft delete that disables the token immediately. Any websites using this token will no longer be able to display the embedded widgets.

Example request

curl -X DELETE "https://eventnerds.com/api/developer/v1/embed-tokens/TOKEN_ID" \
  -H "Authorization: Bearer YOUR_API_KEY"

Using embed tokens

Once you have created an embed token, use it to authenticate requests to the public embed API. The token is passed in the Authorization header or directly in the embed component attributes.

Web component example

<!-- HTML Embed Example -->
<script src="https://eventnerds.com/embed/v1/loader.js" async></script>
<eventnerds-schedule
  event-id="YOUR_EVENT_ID"
  token="emb_your_token_here"
></eventnerds-schedule>

Available widgets

  • eventnerds-schedule - Full event schedule with day tabs and track filtering
  • eventnerds-session-list - Simplified session list view
  • eventnerds-session-detail - Single session detail view
  • eventnerds-speakers - Speaker gallery (grid, list, or carousel)
  • eventnerds-speaker-card - Individual speaker profile card
  • eventnerds-registration - Event registration form

Best practices

Use descriptive names

Name tokens by environment or website (e.g., "Production Website", "Staging Environment") to easily identify their purpose.

Restrict origins

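Always specify allowed origins for production tokens to prevent unauthorized use on other websites. The token sits in the markup of every page that embeds a widget, so anyone who views that page can read it.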

Monitor usage

Check usage counts regularly to identify unused tokens that can be revoked.

Rotate tokens

Create new tokens and revoke old ones periodically as a security best practice.
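
One way to check tokens against the practices above, as an added example that is not EventNerds code: it audits token records for missing or loose origin restrictions, rotation age and zero usage. The `usage_count` field name, the 90-day window and the sample records are assumptions; the other field names come from the create response on this page.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit

MAX_AGE = timedelta(days=90)  # assumed rotation window; the page names no interval

def origin_problem(origin):
    """Return why an allowed-origins entry is not a strict https origin, else None."""
    try:
        parts = urlsplit(origin)
        parts.port  # raises ValueError on a malformed port
    except ValueError:
        return "not parseable"
    if parts.scheme != "https":
        return "not https"
    if not parts.hostname or "*" in parts.netloc or "@" in parts.netloc:
        return "wildcard, credentials or missing host"
    if parts.path or parts.query or parts.fragment:
        return "has a path, query or fragment"  # an origin is scheme://host[:port]
    return None

def audit_token(tok, now):
    """Return findings for one token record; inactive tokens need no action."""
    if not tok.get("is_active"):
        return []
    origins = tok.get("allowed_origins") or []
    findings = [] if origins else ["no origin restriction"]
    findings += [f"origin {o!r}: {why}" for o in origins if (why := origin_problem(o))]
    created = datetime.fromisoformat(tok["created_at"].replace("Z", "+00:00"))
    if now - created > MAX_AGE:
        findings.append("due for rotation")
    if tok.get("usage_count") == 0:  # assumed field name, not shown on the page
        findings.append("never used")
    return findings

SAMPLE = [  # constructed records using the field names of the create response
    {"name": "Production Website", "is_active": True, "usage_count": 120,
     "allowed_origins": ["https://example.com"], "created_at": "2025-05-01T10:00:00Z"},
    {"name": "Old landing page", "is_active": True, "usage_count": 0,
     "allowed_origins": [], "created_at": "2025-01-15T10:00:00Z"},
    {"name": "Staging Environment", "is_active": True, "usage_count": 4,
     "allowed_origins": ["http://staging.example.com", "https://*.example.com"],
     "created_at": "2025-05-20T10:00:00Z"},
]

if __name__ == "__main__":
    now = datetime(2025, 6, 1, tzinfo=timezone.utc)  # fixed so the output is stable
    for tok in SAMPLE:
        print(tok["name"], audit_token(tok, now))
```

Feed it the records returned by the list endpoint; tokens with findings are candidates for a PATCH that tightens `allowedOrigins` or for revocation.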
