API Keys

API keys allow programmatic access to your organization’s data for integrations and automation.

Creating an API key

Admin role required

1. Go to Admin > API Keys
2. Click Create Key
3. Give the key a descriptive name (e.g., “CRM Integration”)
4. Select the scopes (permissions) the key should have
5. Copy the key immediately — it won’t be shown again

Scopes

API keys use scoped permissions. A key can only access the endpoints its scopes allow. Available scopes include read and write access to contacts, buildings, owners, and other entities.

Key management

• Rotate — Generate a new key value while keeping the same name and scopes
• Revoke — Permanently disable a key
• Keys are tied to your organization and can only access your org’s data

Best practices

• Give each integration its own key with the minimum scopes needed
• Rotate keys periodically
• Revoke keys immediately when an integration is decommissioned
• Never share API keys in email, chat, or version control