Authentication
Notifo uses two authentication methods depending on the operation.
JWT Bearer token
Used for dashboard operations — managing channels, webhooks, API keys, billing, etc.
Obtain a token via email/password login or OAuth, then pass it in every request:
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
Tokens expire after a short period. Use the refresh endpoint to get a new one without re-logging in.
API Key
Used for sending messages (/v1/notify/*). Create keys in the dashboard under API Keys.
Pass the key in the X-Api-Key header:
X-Api-Key: notifo_live_abc123...
Keys have an optional per-key rate-limit override. If not set, the plan's default applies.
Choosing the right method
| Operation | Method |
|---|---|
| Send a message | API Key (X-Api-Key) |
| List messages / stats | JWT Bearer |
| Manage channels | JWT Bearer |
| Manage webhooks | JWT Bearer |
| Manage API keys | JWT Bearer |
| Billing | JWT Bearer |