Auth API
Use the Auth API to generate tokens with fine-grained permissions for accessing users, messages, brands, inbox events, and preferences based on scoped roles.
Auth Token Management
Inbox Auth
-
user_id:<user-id>- Gives the token access to a given user. Multiple can be listed. Exuser_id:pigeon user_id:bluebird. User ID scopes must be used in conjunction with other scopes to specify which resources of the user the token can access. -
read:messages- Gives the token access to read messages. Must be used in conjunction with one or more user_ids. -
read:user-tokens- Gives the token access to read user tokens. Must be used in conjunction with one or moreuser_idscopes. -
write:user-tokens- Gives the token access to write user tokens. Must be used in conjunction with one or moreuser_idscopes. -
read:brands[:<brand_id>]Give the token access to read brands, optionally restricted to a specific brand_id. Examplesread:brands,read:brands:my_brand. -
write:brands[:<brand_id>]Give the token access to read brands, optionally restricted to a specific brand_id. Exampleswrite:brands,write:brands:my_brand. -
inbox:read:messagesGive the token access to read inbox messages. -
inbox:write:eventsGive the token access to write inbox events, such as mark message as read.
Preferences Auth
-
read:preferencesGive the token access to read user preferences. -
write:preferencesGive the token access to write user preferences.
Courier Create Auth
-
tenants:read| Read all tenant data -
tenants:notifications:read| Read all notification templates -
tenants:notifications:write| Write notification templates -
tenants:brand:read| Read brand settings across tenants -
tenant:$TENANT_ID:read| Read data for a specific tenant -
tenant:$TENANT_ID:notification:read| Read specific tenant’s notifications -
tenant:$TENANT_ID:notification:write| Write specific tenant’s notifications -
tenant:$TENANT_ID:brand:read| Read brand settings for a specific tenant -
tenant:$TENANT_ID:brand:write| Write brand settings for a specific tenant