Generating API Keys
How to generate an API Key
- As an admin user, go to the Settings page
- Under General, go to API Key Management
- Click the “+ New API Key” button
- Select a “Nickname” - an identifiable name easy to connect to the it’s actual user.
- Fill in your Contact Email
- Select an Access Type:
- Select Admin for API full permitted user.
- Select 3rd party for channel integration purposes.
- Click on “Activate key”
- You will then be provided with a unique API key that will be used for authentication purposes.
Please note
Access Types
Admin
Admin users have unrestricted access to all API endpoints without functional limitations.
3rd Party User
Third-party keys are limited in access permissions. Only a part of the API calls are available, as listed here.
The "3rd Party" role is designed for users who require access to specific functionalities for general functions, action-related operations, target group-related operations, and external systems integration.
The permissions for this role are defined during the generation of the user token, therefore limiting to specific access permissions.
- Within the API calls available, only certain attributes can be limited to be shared with the 3rd Party provider.
- Additionally, only specific channels can be enabled to a certain CID.
- For both limitations, if none is selected all channels are permitted
Transactional API User
The "Transactional" user role provides access to all endpoints, including the "transactional" functionality.
Users with this role can utilize the full range of API endpoints, including those related to transactional operations.
Please ensure that users are assigned the appropriate roles and permissions based on their intended usage and the level of access required.
Best Practices
To ensure the security of your APIs and prevent unauthorized access to your resources, follow these best practices:
- Use a different API key for each application.
- Regenerate API keys periodically.
- Never share API keys on public platforms like GitHub.
- Use HTTPS to transmit API keys.
- Set up rate limits to control the usage of API keys.
- Monitor API key usage regularly.