Step 1: Get an access token
The API authenticates every request with a Bearer JWT. For a quick start, exchange your account credentials for a token at the login endpoint:For third-party apps, use the OAuth 2.0 authorization-code + PKCE flow instead of
storing credentials. See Authentication.
Step 2: Call the API
Send the token as a Bearer header on every request:401.
Step 3: Connect the Analytics MCP (optional)
Prefer to drive iZap from an AI client or agent? Point it at the iZap Analytics MCP server and call its tools directly:Next steps
Authentication
OAuth 2.0 flow, discovery, and JWT usage.
REST API
The resources iZap exposes and how to call them.