Skip to main content

Authentication

The Consumer Signals API supports two primary authentication methods: API keys for long-lived programmatic integrations and JWTs for the web application.
Briefed API keys provide long-lived, scoped access for automated workflows, data pipelines, and programmatic integrations. They do not expire unless manually revoked.

Creating a key

  1. Sign in at id.briefedmedia.com
  2. Navigate to API Keys
  3. Create a new key with the scopes you need (e.g., read:signals, read:briefings)
API keys are shown only once at creation. Store them securely — they cannot be retrieved later.

Using your key

Pass the API key in the Authorization header:
curl https://api.consumersignals.io/api/cpix \
  -H "Authorization: Bearer brf_live_your_key_here"

Available scopes

ScopeDescription
read:signalsRead CPIx scores, signals, and drivers
read:briefingsRead weekly briefings and narratives
read:dataRead general data endpoints
read:marketsRead market data (US and UK)
write:alertsCreate and manage alerts
API keys require an Enterprise plan. Non-Enterprise keys will receive a 403 response.

JWT Authentication (web application)

JWTs are used automatically by the web application at app.consumersignals.io. They are short-lived (15 minutes) and not recommended for programmatic integrations. JWTs are issued by id.briefedmedia.com and signed with HMAC-SHA256. The API also accepts JWTs from the cs_jwt httpOnly cookie set during browser authentication.

Plan Tiers & API Access

Programmatic API access is available exclusively on the Enterprise plan. Professional and Team customers access Consumer Signals through the web application at app.consumersignals.io.
ProfessionalTeamEnterprise
Price£5,000 / year£20,000 / yearCustom
Seats15Unlimited
Web applicationFull accessFull accessFull access
Programmatic API accessFull access
Data ExplorerFull access
Dedicated supportIncluded
Custom integrationsIncluded
Non-Enterprise users who attempt programmatic API requests (e.g., via curl or custom integrations) will receive a 403 response:
{
  "ok": false,
  "error": "Programmatic API access requires an Enterprise plan."
}
To discuss Enterprise API access, contact sales@briefedmedia.com.

Alert-Token Authentication

Alert tokens provide scoped access to the alerts and views endpoints. They are designed for webhook receivers and downstream integrations that do not require full API access.

Obtaining an alert token

curl -X POST https://api.consumersignals.io/api/alerts/token \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..." \
  -H "Content-Type: application/json"

Using an alert token

Pass the token in the X-Alert-Token header:
curl https://api.consumersignals.io/api/alerts \
  -H "X-Alert-Token: at_abc123..."
Alert tokens are long-lived and scoped exclusively to alerts and views endpoints. They cannot be used to access CPIx, signals, or AI endpoints.

Admin Authentication

Admin endpoints accept a static secret in the Authorization header. This method is restricted to platform administration and is not available to standard API consumers.
curl https://api.consumersignals.io/api/admin/... \
  -H "Authorization: Bearer <ADMIN_SECRET>"
The admin secret grants unrestricted access to all platform operations. It must never be exposed in client-side code or shared with external parties.

Rate limits

See the Rate Limits guide for details on throttling applied to AI-powered endpoints.