Front Platform

Welcome to the Front Platform. You'll find comprehensive guides and documentation to help you start working with Front as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Getting Started


The Core API uses API tokens to authenticate its user.

You MUST send the token for each request in the Authorization header. The token MUST be preceded by Bearer. See the Authorization header in the example request below.

curl --request GET \
  --header 'Authorization: Bearer [REQUEST_TOKEN]'

As an admin, you can generate an API token directly from Front (Settings > Plugins & API > API). If you are already a Front customer, read our How to create and revoke API tokens guide for information on how to generate an API token, and get started with Front's API.


By default, Front's API rate limits start at 100 requests per 60 seconds and can be increased depending on your plan. For example, customers with the Prime plan (and above) have a default rate limit of 200 requests per 60 seconds. If you need to increase your API rate limit beyond the limit provided by your plan, an API Rate Limit add-on can be purchased.

Every API call response will contain three headers related to the rate-limiting:




Maximum number of request allowed in the time window


Current remaining number of requests in the current time window


Next timestamp when the number of remaining requests will be reset

When the rate limit is exceeded, the server will respond with a 429 Too Many Requests HTTP code with the header Retry-After to tell you how many seconds you need to wait before you can retry the request.

Additional "burst" rate-limiting
Some resource-intensive routes are subject to additional rate-limiting to prevent strain on Front's infrastructure. This additional rate limit has a short TTL and only prevents sudden bursts of requests. The limit will depend on the resources needed to fulfill the request. Please see the list below.

Such resources have the header X-Front-Tier. If you are rate limited at the resource level, you will receive the header Retry-After, even though X-RateLimit-Remaining may be greater than 0. This is because the limits do not affect each other.

Please wait Retry-After seconds before safely retrying the request.

Tier 1 - limited to 1 request / sec

  • POST /exports
  • POST /team/:team_id/exports

Tier 2 - limited to 3 request / sec

  • PATCH /conversations/:conversation_id
  • PUT /conversations/:conversation_id/assignee
  • POST /channels/:channel_id/messages
  • POST /conversations/:conversation_id/messages
  • POST /channels/:channel_id/incoming_messages
  • POST /channels/:channel_id/inbound_messages
  • POST /channels/:channel_id/outbound_messages
  • POST /inboxes/:inbox_id/imported_messages
  • PATCH /teammates/:teammate_id

Private resource access

By default, individual resources are private and the API does not let you interact with them nor with their content.

However, a user has the ability to allow access to their individual resources from the API in their settings (cf: Settings > My preferences > "Allow access to my individual resources via the API").


Individual Resources

Individual resources are accessible only to tokens that have been generated by Front. OAuth clients are not authorized to access them.

Updated about a month ago

Getting Started

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.