Skip to main content

Authentication

All BEAM® Chat API endpoints, both real-time and asynchronous, require a valid API token for access. The token must be provided in the Authorization header. The API does not offer CORS and is not meant to be consumed directly from web browser clients. If you don't have a server, you can set up a thin proxy for free using Cloudflare Workers.

There are three types of API tokens you can use with Chat API:

  1. App Access Token - This is your app's secret token that should never leave your server (or serverless) instance. You can access most publicly available data with it. You will have very limited write access on behalf of the app.
  2. User Access Token - This is an OAuth token linked to the user's identity and has access to the user's private information. The access level is determined by you (when requesting permissions) and the user (when granting access to their account to your app) and can include one or more BEAM channels per user token.

You will learn how to obtain each of these tokens below.

App Access Token

After you are granted access to the Chat API (request access on this page), you will see a new app on the My Apps page. On the app details page, you will see the "API Tokens" section, where you'll find your app's secret tokens.

Further details will be released when the API leaves private beta.

User Access Token

Details will be released when the API leaves private beta.