The Core API uses API tokens to authenticate its users.

You MUST send the token for each request in the Authorization header. The token MUST be preceded by Bearer. See the Authorization header in the example request below.

curl --request GET \
  --url '[REQUEST_URL]' \
  --header 'Authorization: Bearer [REQUEST_TOKEN]'
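
The following shell wrapper is an added example, not part of Front's documentation: it builds the Bearer header described above from an environment variable and hands it to curl on stdin, so the token stays out of the process list and shell history. The names FRONT_API_TOKEN, front_auth_header and front_get are assumptions, and the URL is whichever endpoint you are calling.

```shell
# Added example; FRONT_API_TOKEN and both function names are assumptions.

# Build the Authorization header line from the environment. Empty tokens
# and tokens containing whitespace or control characters are rejected,
# because they would corrupt the header or inject a second one.
front_auth_header() {
  token="${FRONT_API_TOKEN:-}"
  if [ -z "$token" ]; then
    echo "FRONT_API_TOKEN is not set" >&2
    return 1
  fi
  case "$token" in
    *[[:space:]]*|*[[:cntrl:]]*)
      echo "token contains whitespace or control characters" >&2
      return 1
      ;;
  esac
  printf 'Authorization: Bearer %s\n' "$token"
}

# Send a GET request to the URL given as $1. The header reaches curl on
# stdin (--header @-, curl 7.55.0 or later), so the token never appears
# in the argument list that other local users can read with ps.
front_get() {
  url="$1"
  case "$url" in
    https://*) ;;
    *) echo "refusing non-HTTPS URL: $url" >&2; return 1 ;;
  esac
  header="$(front_auth_header)" || return 1
  printf '%s\n' "$header" | curl --silent --show-error --fail \
    --request GET --header @- "$url"
}
```

Set FRONT_API_TOKEN from a secrets manager or a file with restricted permissions rather than typing it on the command line, then call front_get with the endpoint URL.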

OAuth vs. Front API Tokens

There are two ways to get an API token — directly through the Front UI (Settings > Plugins & API > API) or via OAuth.

If you’re just building an integration for your own Front instance or a single Front customer, or have a development instance you want to begin making requests with, read our API tokens guide for information on how to generate an API token.

For Partners looking to launch a public integration to all Front customers, if your integration can support OAuth you’ll want to check out our OAuth guide.


OAuth is required for public integrations available to all Front customers.

OAuth access

Integrations relying on OAuth all have the same scope: “Shared resources”, and at this time cannot request more permissive scopes. This means that integrations that use OAuth will be able to access all team resources (teams, contacts, conversations, team channels, inboxes, messages in team inboxes, team tags etc.) but won't be able to access individual teammate inboxes or settings such as personal signatures. Check out our OAuth guide for more details.


Individual Resources and OAuth apps

Individual resources are accessible only to tokens that have been generated by Front. OAuth clients are not authorized to access them.