N7FORAN7FORA
Get started

Authentication

Every request is authenticated with a workspace-scoped bearer token.

API keys

Create keys in the app under Access & tokens (Admin only). A key inherits the permissions of the account tier it's issued under — User, Staff, or Admin — so a User key can never reach billing or admin resources.

Pass your key as a bearer token in the Authorization header:

bash
curl https://api.n7fora.com/v1/contacts \
  -H "Authorization: Bearer sk_live_..."

Scopes & tiers

UserRead/write your own contacts, capture, assistant
StaffUser scope + support tickets and billing
AdminFull workspace: tokens, accounts, all billing

Keeping keys safe

Keys are secrets. Store them in environment variables, never in client code or version control. Rotate a key immediately if it may have been exposed — old keys can be revoked from the same screen without downtime for others.

All API traffic must use HTTPS. Requests over plain HTTP are rejected. Never put a key in a URL query string.