Authentication

To authenticate requests to the MarketingBlocks API, you must use an Access Token. This token is a secure key that identifies and authorizes your client or application when making API calls. You can obtain your token from the API Tokens Page. If you don't already have one, you’ll need to generate it from that page.

🔑 Token Structure and Usage Access Tokens are permission-based: When generating a token, you must select one or more permissions (e.g., social-read-posts, social-create-post, etc.). The token will only be valid for API endpoints that match the selected permissions.

• Token lifespan:

  • Tokens can be created to never expire (long-lasting), or

  • The creator can specify a custom expiration (e.g., 7 days).

• Once expired, the token becomes invalid and cannot be used to authenticate requests.

Rate Limiting: All access tokens are subject to a rate limit of 100 requests per second. Exceeding this limit may result in temporary throttling or rejection of requests.

📥 Request Headers Every API request must include the following header:

Authorization: Bearer YOUR-API-TOKEN

Replace YOUR-API-TOKEN with the actual token you generated.

⚠️ Error Handling All successful API responses will return an HTTP status code 200. In the event of an error, the API will respond with:

• An appropriate HTTP status code (e.g., 400, 401, 403, 429, etc.)

• A JSON payload describing the error and the reason for failure.

Example error response:

{
  "status": false,
  "message": "Access token has expired or is invalid."
}