Authentication

All API endpoints are authenticated using Bearer tokens. Include your signed JWT token in the Authorization header of your requests: 
{
  "Authorization": "Bearer <your_signed_jwt_token>"
}
To obtain a JWT secret, please reach out to the Reach team at support@embedreach.com
We have two types of JWT tokens:

Tenant Scoped JWT

This is a JWT token that is signed with the tenants ID. This can be used to send to your Frontend client in order to allow them to make requests that only have access to that tenant. Learn more about Tenant Scoped JWT

Partner Scoped JWT

This is a JWT token that is signed with the vertical software providers’s ID. This can be used to make requests to the platform’s API endpoints. For example, if you are adding a new Channel Integration, you can use a partner scoped JWT to configure the integration for all your tenants. Learn more about Partner Scoped JWT

Impersonating with a Partner Scoped JWT

If you are using a partner scoped JWT, you can optionally pass in a header to impersonate a specific tenant. 
{
  "Authorization": "Bearer <your_signed_jwt_token>",
  "reach-tenant-id": "<tenant_id>"
}
All routes that accept this header will be specified in the route’s documentation.