Authentication

Roamify API uses Bearer token authentication. Send your access token in the Authorization header for every authenticated request.

Authentication
Authentication Flow
Access Token Policy
Token Rotation
Usage - how to use your Access Token

Authentication Flow

Get Access Token: Retrieve your Access Token (called API Key in the portal) from Roamify Partner Portal .
Choose environment:
- Development: https://api-dev.getroamify.com
- Production: https://api.getroamify.com
Use Access Token: Include the token in the Authorization header as Bearer <token>.

Access Token Policy

Your Access Token is long-lived and does not expire automatically. It remains valid until you rotate it in the Partner Portal.

Token Rotation

You can rotate your Access Token in the Roamify Partner Portal under API Keys. After rotation, the old token is immediately invalidated.

Usage - how to use your Access Token

Here is an example of how you can use your Access Token to make requests to Roamify eSIM API.

curl


curl --request GET \
--url 'https://api-dev.getroamify.com/api/esim/countries' \
--header 'Authorization: Bearer {{token}}' \
--header 'Content-Type: application/json' \

Response and Error Handling

Authentication itself is header-based, so response payloads depend on the endpoint you call.

Common status codes:

200: Request accepted.
401: Missing token, malformed Authorization header, or invalid/rotated token.
403: Token is valid but does not have permission for the requested action.
500: Internal server error. Retry the request with backoff or contact support if the issue persists.

For exact response schema, check each endpoint reference page.