Breww public API

Breww has an open API that anyone can use to build integrations with Breww.

API keys are used for authentication and can be generated in Settings -> Breww Apps & API.

Documentation on the available endpoints, data structure and more can be found at Breww public API documentation.

The API uses the REST (Representational State Transfer) architecture with JSON responses.

Breww does not currently offer a SOAP or OData interface.

API key access levels

Each API key has a single access level that controls what it's allowed to do. There are only two options, and they apply to the entire key — there are no per-endpoint scopes or per-resource permissions on Breww API keys.

• Read only — the key can only make safe, non-modifying requests. In practice this means GET, HEAD and OPTIONS only. Any attempt to POST, PUT, PATCH or DELETE will be rejected.
• Full access — the key can make any request the public API supports, including reads, writes, updates and deletes. This is the default for new API keys.

Every endpoint listed in the public API documentation is reachable by any authenticated key, regardless of access level — the access level only controls which HTTP methods are allowed, not which endpoints are visible. There is no way to grant a key partial access to a subset of endpoints.

You can see and change a key's access level by going to Settings -> Breww Apps & API and editing the key.

Troubleshooting "endpoint not reachable" errors

If you're getting an error that suggests an endpoint is unreachable, blocked, or returning permission errors, the cause is almost always one of the following:

• A read-only key is being used for a write request. A 403 (or similar) on POST, PUT, PATCH or DELETE from a read-only key is expected behaviour. Either change the key's access level to Full access or use a different key for write operations.
• The Authorization header is malformed. The header must be in the exact format documented in the API documentation. Missing the token prefix or sending the raw token without the prefix will be treated as an unauthenticated request.
• The base URL is wrong. All public API endpoints are under https://breww.com/api/.... Requests to other paths will not hit the API.
• The endpoint isn't part of the public API surface. Some functionality in Breww doesn't have a public API endpoint yet. If the endpoint isn't in the public API documentation, it isn't accessible to API keys, regardless of access level.

If you're still stuck after checking the above, get in touch with Breww support with the exact request URL, HTTP method, and the response Breww returned.