BeameryBeamery

Authentication

The Beamery Skills API uses OAuth 2.0 client credentials flow for authentication. All API requests must include a valid access token obtained through the authentication endpoint.

Rate Limits

The authentication endpoint has a rate limit of 30 RPS (requests per second). All other endpoints have a per-company limit of 40 RPS.

Rate Limit Headers

To support integration of the Beamery API, each call made to any endpoint will receive response headers following the Draft Version 3 RFC of RateLimit Header Fields for HTTP:

x-ratelimit-reset: 1
x-ratelimit-remaining: 24
x-ratelimit-limit: 40;w=1
  • x-ratelimit-reset: Number of seconds until the rate limit window resets
  • x-ratelimit-remaining: Remaining requests in the current time window
  • x-ratelimit-limit: Configured limit (e.g., 40 requests per second)

Rate Limit Logic

Implement the following logic to respect rate limits:

Perform HTTP request to any endpoints of Beamery Public-API

If response == 429 OR X-RateLimit-Remaining < 1 Then
  wait until X-RateLimit-Reset before triggering next request
Else
  Trigger next request
POST/oauth/token

Generate OAuth Token

Authenticates the provided clientId and clientSecret and returns an access_token if the credentials are valid.

If the credentials are successfully authenticated, it returns the HTTP 200 status code and a newly generated token along with token type and expiration time in seconds.

Request Body

  • Name
    clientId
    Type
    string
    Description

    Client Id.

  • Name
    clientSecret
    Type
    string
    Description

    Client Secret.

Response

  • Name
    access_token
    Type
    string
    Description

    The access token to use for authenticated requests.

  • Name
    token_type
    Type
    string
    Description

    The type of token (typically "Bearer").

  • Name
    expires_in
    Type
    number
    Description

    Token expiration time in seconds.

Request

POST
/oauth/token
curl https://frontier.beamery.com/v1/oauth/token \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "clientId": "your_client_id",
    "clientSecret": "your_client_secret"
  }'

Response

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600
}
GET/oauth/token/permissions

Get Token Permissions

Returns the roles and permissions associated with the token. If the token is valid, it returns the HTTP 200 status code.

Headers

  • Name
    Authorization
    Type
    string
    Description

    Bearer token obtained from the OAuth endpoint.

Response

  • Name
    roles
    Type
    array
    Description

    List of roles associated with the token.

  • Name
    permissions
    Type
    array
    Description

    List of permissions granted to the token.

Request

GET
/oauth/token/permissions
curl https://frontier.beamery.com/v1/oauth/token/permissions \
  -H "Authorization: Bearer your_access_token"

Response

{
  "roles": [
    "admin",
    "user"
  ],
  "permissions": [
    "read:tasks",
    "write:tasks",
    "read:skills",
    "write:skills"
  ]
}

Using Your Access Token

Once you have obtained an access token, include it in the Authorization header of all API requests:

Authorization: Bearer your_access_token

Access tokens have a limited lifetime specified by the expires_in field. Make sure to refresh your token before it expires to maintain uninterrupted API access.