Bloomerang · Authentication Profile

Bloomerang Authentication

Authentication

Bloomerang secures its APIs with apiKey and oauth2 across 2 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode flow(s).

NonprofitDonor ManagementCRMFundraisingFundraising Software
Methods: apiKey, oauth2 Schemes: 2 OAuth flows: authorizationCode API key in: header

Security Schemes

apiKeyAuth apiKey
· in: header (X-Api-Key)
oauth2Bearer oauth2
· flows: authorizationCode

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/bloomerang-openapi.yml
summary:
  types:
  - apiKey
  - oauth2
  api_key_in:
  - header
  oauth2_flows:
  - authorizationCode
schemes:
- name: apiKeyAuth
  type: apiKey
  in: header
  parameter: X-Api-Key
  description: Private API key generated by an Administrator user in Bloomerang under User Settings
    > Edit My User. Grants full read/write access - keep it secret.
  sources:
  - openapi/bloomerang-openapi.yml
- name: oauth2Bearer
  type: oauth2
  flows:
  - flow: authorizationCode
    authorizationUrl: https://crm.bloomerang.co/oauth/authorize
    tokenUrl: https://api.bloomerang.co/v2/oauth/token
    scopes: 1
  description: 'OAuth 2.0 access token for third-party applications, presented as `Authorization:
    Bearer {access_token}`.'
  sources:
  - openapi/bloomerang-openapi.yml