Skip to main content
The Anyreach API accepts two bearer credentials: organization API keys (ak_, created on the API Keys page) and personal access tokens (pat_, created under Account → Tokens). See the Authentication guide for the full walkthrough and the differences between them. Pass the credential in the Authorization header on every request:
curl https://api.anyreach.ai/core/agents \
  -H "Authorization: Bearer $ANYREACH_TOKEN"
Copy your credential when you create it — it’s shown only once. Store it in a secret manager, never in source control.

Working across organizations

An organization API key (ak_) carries its organization implicitly. A personal access token (pat_) does not — set the target organization with the X-Anyreach-Org header:
curl https://api.anyreach.ai/core/agents \
  -H "Authorization: Bearer $ANYREACH_PAT" \
  -H "X-Anyreach-Org: $ANYREACH_ORG_ID"

Access and permissions

A credential can do whatever the issuing user or organization role can do, governed by roles and scopes. Some endpoints return a reduced set of fields to lower-privileged credentials — for example, conversation transcripts and recordings require conversations:read_sensitive (see Permissions and data access).

Failed authentication

StatusMeaning
401The credential is missing or invalid, or a pat_ token was sent without the X-Anyreach-Org header.
403The credential is valid but its scopes don’t grant access to the action.