HomePlatformSolutionsArcIn AIResourcesCustomers
Login Request Demo Free Trial →

Authentication

The Applicare API uses bearer-token authentication. Every request carries an API token in the Authorization header; the token's role and scope determine what the request can access.

🕐 4 min readv7.xUpdated Jun 2026

Bearer tokens#

Create a token (see API Tokens) and pass it on every request:

curl -H "Authorization: Bearer $ARC_TOKEN" \
     -H "Accept: application/json" \
     https://applicare.yourco.com/api/v1/services

Requests without a valid token return 401; valid tokens lacking permission return 403.

Scopes#

A token can only do what its role and scope allow. Use a read-only token for exports and dashboards, and a narrowly scoped write token for automation. Never embed an admin token in client-side code.

Rate limits#

The API returns standard rate-limit headers. Honour Retry-After on 429 responses and prefer the Event API stream over tight polling loops.

X-RateLimit-Limit: 600
X-RateLimit-Remaining: 12
Retry-After: 8
Was this page helpful?
Can't find what you need?
Ask ArcIn or reach our support engineers.
Contact Support →