Getting started

Authentication

The LifeLoop API uses Bearer token authentication. All requests must include a valid service token in the Authorization header. Tokens are tenant-scoped — a token issued for one tenant cannot access another tenant's data.

Getting your service token

Service tokens are issued through the LifeLoop admin console. Contact your LifeLoop account manager to have a token provisioned for your tenant.

Making authenticated requests

Include the token on every request:

curl

curl https://api.lifeloop.com/api/v1/{tenant}/facilities \
  -H "Authorization: Bearer YOUR_SERVICE_TOKEN"

Token security

Treat your service token like a password — never expose it in client-side code or public repositories
Tokens can be rotated via the admin console at any time
All API requests are logged with the token identifier for audit purposes

Next steps

Learn how scopes and tenant isolation work in Authorization.
Review the Error responses you may encounter.
Understand Rate limiting headers and the 429 response.