API Keys
For server-to-server communication and backend integrations
JWT Tokens
For admin console access and user authentication
OAuth2
Sign in with Google or GitHub for seamless onboarding
API Key Authentication
API keys are the recommended way to authenticate your application with EngageFabric. They are project-specific and should be kept secure on your server.Getting Your API Key
- Log in to the Admin Console
- Navigate to your project
- Go to Settings > API Keys
- Copy your API key
Using API Keys
Include your API key in theX-API-Key header:
API Key Types
OAuth2 Authentication
EngageFabric supports OAuth2 authentication with Google and GitHub for seamless user onboarding. This is the recommended method for signing up and logging into the admin console.Supported Providers
Initiating OAuth Flow
Redirect users to the OAuth endpoint to begin authentication:Flow Types
OAuth Callback
After successful authentication, users are redirected to yourredirect_uri with tokens:
Getting Available Providers
Check which OAuth providers are enabled:OAuth is the recommended way to create an EngageFabric account. After signup, users can also set a password for email/password login.
JWT Authentication
JWT (JSON Web Tokens) are used for authenticating admin console users and can be used for WebSocket connections.Obtaining a JWT Token
Using JWT Tokens
Include the token in theAuthorization header:
Token Expiration
WebSocket Authentication
For real-time features, authenticate WebSocket connections with a short-lived JWT:WebSocket tokens have a shorter expiration (15 minutes) for security.
Implement token refresh logic in your application.
Role-Based Access Control (RBAC)
EngageFabric implements RBAC for tenant management:Rate Limits
API requests are rate-limited based on your project tier:
When rate limited, you’ll receive a
429 Too Many Requests response with headers:
