API authentication (JWT) — Journalify REST API

How to authenticate with the Journalify API using JWT tokens, scoped per tenant and per role.

5 min read

API base URL

All API endpoints are served under your tenant's API URL:

https://api.journalify.app/v1

Getting an API token

  1. In Atlas (admin portal): Settings → API Keys → Create new key.
  2. Name the key (e.g., "Mailchimp integration") and select scopes.
  3. Copy the token — it is shown only once at creation time.
  4. Store it in your application's secret manager (never commit to source control).

Using the token

Include the token in the Authorization header on every request:

curl -H "Authorization: Bearer YOUR_TOKEN" \
     https://api.journalify.app/v1/articles

Token scopes

  • articles:read — read articles
  • articles:write — create, update, publish articles
  • media:read — read media library
  • media:write — upload media
  • analytics:read — read analytics data
  • webhooks:manage — create and delete webhook subscriptions
  • admin — full access (use sparingly)

Token rotation

Tokens never expire automatically. Rotate them every 90 days as a best practice. To rotate: create a new token, deploy your app with the new token, then revoke the old one in Atlas.

Rate limits

Standard rate limit: 1,000 requests per minute per token. Enterprise plans get 10,000/min. Exceeding the limit returns HTTP 429 with a Retry-After header.

Was this article helpful?
Next
Articles API — programmatic newsroom content management

Was this helpful?

Can't find what you need, or spot something wrong? Let us know — every article is improved based on customer feedback.

Contact support