Authentication

The Delhivery API uses token-based authentication. Every request is sent with an HTTP header:

Authorization: Token <your_token>

The SDK handles this for you automatically — you just pass the token once when constructing the client.

Getting your token

Log in to the Delhivery One developer portal.
Navigate to API Credentials.
Copy your API Token.

Separate tokens exist for the staging and production environments. Never use a production token in development.

Storing the token securely

Never hard-code API tokens. Use environment variables:

// .env
DELHIVERY_TOKEN=your_token_here

// client setup
import { DelhiveryClient } from "delhivery-sdk";

const client = new DelhiveryClient({
  token: process.env.DELHIVERY_TOKEN!,
});

Error on invalid token

If your token is wrong or expired the SDK throws DelhiveryAuthError:

import { DelhiveryClient, DelhiveryAuthError } from "delhivery-sdk";

try {
  const result = await client.tracking.trackOne("ABC123");
} catch (err) {
  if (err instanceof DelhiveryAuthError) {
    console.error("Invalid token — check your credentials.");
  }
}

Getting your token​

Storing the token securely​

Error on invalid token​

Getting your token

Storing the token securely

Error on invalid token