Authentication

Learn how to authenticate with the rooom REST API using Bearer tokens. Create, manage, and secure API keys for programmatic access.

Account

You need a rooom account to use the API. Free trial accounts have limited API access.

🚀|Get Started with rooom

API Keys

An API key is required to authenticate requests. Pass it in the Authorization header with a Bearer token.

http

Authorization: Bearer <API_KEY>

INFO

The Bearer prefix is mandatory. See IETF RFC 6750 for details on the Bearer token scheme.

Create an API Key

API keys can be created and managed from your account settings.

⚙️|Manage API Keys

Open your dashboard, click your profile picture, and select Settings.
Select Integrations from the sidebar.
Click New API key, enter a descriptive name, and choose an expiration date.
Click Create API key, then copy and store the value securely because it will not be shown again.

WARNING

API keys are displayed only once during creation. Make sure to copy and store them securely before closing the dialog.

Expiration

Setting an expiration date is recommended as a security best practice. You can select from predefined expiration periods ranging from 1 day to 3 months. The expiration date is visible on the key management list.

TIP

For production applications, use API keys with shorter expiration periods (1–4 weeks) and implement automatic key rotation.

Failed Authentication

If authentication fails, a 401 Unauthorized error is returned.

API Key Safety

Once created, API keys are not visible in the dashboard. Store them securely — anyone with the key can access the API on your behalf. If you believe a key has been compromised, revoke it immediately from the dashboard.

Authentication

Account ​

API Keys ​

Create an API Key ​

Expiration ​

Failed Authentication ​

API Key Safety ​