Authentication

Summary

Public integrations use Bearer tokens. Add the access token to your HTTP header and refresh it when it expires.The AI endpoints at /v1/enrich and /v1/score also support Sanka internal requests authenticated with X-Workspace-Code.

Bearer token

Authorization: Bearer <access_token>

Use this header for all public Data Management requests and for OAuth calls to the AI endpoints.

Required scopes

Use object scopes instead of separate AI-only scopes:

POST /v1/enrich requires companies:write
POST /v1/score with object_type=company requires companies:read
POST /v1/score with object_type=deal requires cases:read

Internal auth

Sanka-owned internal tooling can call the root AI endpoints with the existing workspace header:

X-Workspace-Code: <workspace_code>

Use Bearer auth for external integrations and partner applications.

Refresh tokens

curl -X POST "https://api.sanka.com/api/token/refresh/" \
  -H "Content-Type: application/json" \
  -d '{ "refresh": "<refresh_token>" }'

Replace the access token in your integrations after refreshing.

API Basics

Guides

API Reference

Summary

Bearer token

Required scopes

Internal auth

Refresh tokens

API Basics

Guides

API Reference

​Summary

​Bearer token

​Required scopes

​Internal auth

​Refresh tokens

Summary

Bearer token

Required scopes

Internal auth

Refresh tokens