REST API · v1

REST API

A scoped, versioned HTTP/JSON API covering the whole ReachHQ platform. Authenticate with a workspace API key, request only the scopes you need, and get typed errors and consistent pagination on every endpoint.

Base URL & versioning

All endpoints live under the /api/v1 prefix:

  • Production: https://api.reachhq.io/api/v1
  • QA: https://api.qa.reachhq.io/api/v1

The version is in the path. Breaking changes ship under a new version rather than silently changing v1.

Authentication

Create an API key in the ReachHQ app under Settings › API keys and select the scopes it should carry. The secret (prefixed rhq_live_) is shown once at creation. Send it as a bearer token:

bash
curl https://api.reachhq.io/api/v1/campaigns \
  -H "Authorization: Bearer rhq_live_xxx"

A key can never carry more authority than the workspace role of the member who created it. AI assistants can use a key the same way, or connect through the OAuth connector.

Scopes

Every operation declares the scope it requires: one <resource>:read and one <resource>:write per domain, plus a dedicated scope for anything existentially risky. Actions that send email or change who can receive it, and other sensitive scopes, are never part of a broad grant.

Account

ScopeAllowsFlags
account:readView your name, email, and the workspaces you can access.

Workspace

ScopeAllowsFlags
workspace:readView workspace settings, sending credits, and health score.
workspace:writeUpdate workspace settings and tracking domains.sensitive
members:readView workspace members and their roles.
members:writeInvite, change the role of, and remove members.sensitive

Campaigns

ScopeAllowsFlags
campaigns:readView campaigns, sequences, settings, reports, and analytics.
campaigns:writeCreate and edit campaigns, sequences, and settings.
campaigns:launchLaunch, pause, and resume campaign sending.sends email sensitive

Recipients

ScopeAllowsFlags
recipients:readView campaign recipients and their delivery status.
recipients:writeAdd, import, and remove recipients on a campaign.

Leads

ScopeAllowsFlags
leads:readView and export leads, tags, and notes.
leads:writeCreate, edit, import, and delete leads, tags, and notes.
leads:suppressSuppress or unsuppress leads. Changes who can receive email.sensitive
lead_lists:readView lead lists and their members.
lead_lists:writeCreate, edit, and delete lead lists and members.
custom_fields:readView custom fields and template variables.
custom_fields:writeCreate, reorder, edit, and delete custom fields.

Deals

ScopeAllowsFlags
deals:readView deals.
deals:writeCreate and delete deals.

Mailboxes

ScopeAllowsFlags
mailboxes:readView connected mailboxes, settings, and auth status.
mailboxes:writeEdit mailbox settings and tags; pause or resume.
mailboxes:connectConnect, disconnect, and delete sending mailboxes.sensitive

Inbox

ScopeAllowsFlags
inbox:readRead inbox threads, messages, and drafts.
inbox:writeManage threads, drafts, and message categories.
inbox:sendSend and schedule replies from your mailboxes.sends email sensitive

Warmup

ScopeAllowsFlags
warmup:readView warmup status, bounce analysis, and pools.
warmup:writeEnrol, configure, and start/pause/stop warmup and pools.

Verification

ScopeAllowsFlags
verification:readView verification jobs, results, usage, schedules.
verification:writeCreate, cancel, retry, and configure verification.

Deliverability

ScopeAllowsFlags
deliverability:readView scores, domains, alerts, placement tests.
deliverability:writeRun checks and manage alerts, settings, Postmaster.
block_list:readView the suppression / block list.
block_list:writeAdd or remove block-list entries. Changes who can receive email.sensitive

Analytics

ScopeAllowsFlags
analytics:readRead reporting and analytics data.

CRM

ScopeAllowsFlags
crm:readView CRM connections and segments.
crm:writeConnect and disconnect CRM integrations.sensitive

Webhooks

ScopeAllowsFlags
webhooks:readView outbound webhooks and delivery history.
webhooks:writeCreate, test, requeue, and delete outbound webhooks.

Billing

ScopeAllowsFlags
billing:readView subscription, plan, and credit status.sensitive
billing:writeStart checkout, change the plan, buy seats and credits.sensitive

Agency

ScopeAllowsFlags
agency:readList the client workspaces you own or administer.

Lead Search

ScopeAllowsFlags
lead_search:browseSearch external B2B data. Email/phone masked until revealed.
lead_search:revealReveal a result's email/phone and save it. Spends credits.sensitive
lead_search:listsManage saved prospect lists and add results to them.

Errors

Errors use standard HTTP status codes and a typed JSON body: { code, message, traceId, details? }. The code is a stable machine-readable string; traceId correlates the request in our logs.

StatusCodeMeaning
400VALIDATION_ERRORThe request body or query failed validation.
401UNAUTHORIZEDMissing, invalid, or expired credentials.
403FORBIDDENThe credential lacks a required scope.
404NOT_FOUNDThe resource does not exist in this workspace.
409CONFLICTA version conflict or duplicate.
429RATE_LIMITEDToo many requests; back off and retry.
503SERVICE_UNAVAILABLEA downstream service was unavailable; retry.

Example, calling a launch endpoint with a read-only key:

http
HTTP/1.1 403 Forbidden
WWW-Authenticate: Bearer error="insufficient_scope", scope="campaigns:launch"

{
  "code": "FORBIDDEN",
  "message": "Insufficient scope",
  "details": { "required": ["campaigns:launch"], "missing": ["campaigns:launch"] },
  "traceId": "3f9c2a8e..."
}

Rate limits

The REST surface is limited to 600 requests per 60 seconds per credential. Exceeding it returns 429 with code RATE_LIMITED. The MCP server has its own limit of 240/min.

Full reference

The complete, always-current list of endpoints, parameters and responses is generated from the running API:

Open the API reference