Authentication
All API requests require a Bearer Token in the Authorization header.
Getting Your Token
- Log in to your Flowxtra dashboard
- Go to Settings → API Rest
- Your token is displayed at the top — click Copy
Using the Token
Include it in every request:
curl -X GET "https://app.flowxtra.com/api/jobs/index?subdomain=acme" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json"
Token Format
Tokens follow the format ID|HASH, for example:
1|ExAmPlEtOkEn00000000000000000000000000000000000000
Include the full token including the | character.
Multi-Tenancy
Every request must include the subdomain query parameter to identify your tenant:
?subdomain=your-company-subdomain
Your subdomain is the part before .flowxtra.com in your dashboard URL. For example, if your dashboard is at dpro.flowxtra.com, your subdomain is dpro.
OAuth Authentication
For AI integrations (MCP), Flowxtra also supports OAuth 2.0 with PKCE. See the MCP Setup Guide for details.
Error Responses
| Status | Description |
|---|---|
401 | Missing or invalid token |
403 | Insufficient permissions |
429 | Rate limit exceeded |