Home / Docs / Authentication

Authentication

IBviz's API uses short-lived access tokens with a refresh-token flow, the same mechanism used to authenticate the web app. Tokens are issued for both anonymous and email-based accounts, so the API respects whichever sign-up method your organization uses.

Every request is authenticated with a Bearer token. Tokens expire regularly and are refreshed via a dedicated endpoint, so integrations are expected to handle token rotation rather than relying on a single long-lived key.

📌 Full endpoint documentation is shared with paying customers. Get in touch to discuss request access.