WARNING! Do not share your API key with anyone - it is effectively a password that allows access to everything you have permissions for. SmartSuite strongly encourages you to create non-administrator, dedicated API workspaces that have the minimum required permissions to perform their intended tasks. If your API key is compromised in any way, you can regenerate it to invalidate the old key.
API Key authentication lets SmartSuite verify the user workspace associated with a particular API call. Tokens are user-specific and confer the generating user's rights and permissions to the external application making the API call.
Note that the API key must be included in every request made to SmartSuite's API.
Working with Your API Key
About Key Generation
SmartSuite has you generate API keys to ensure that they are unique to you, and that you have requested to allow external API calls to be made with your user workspace permissions.
With a generated key it also allows for regeneration, which creates a new key and invalidates the old one. See below for information on how to do this.
Generating a Key
If you've decided you want to enable API access for your workspace, generating an API key is easy. Just follow these steps:
Make sure you're logged in as the user you want to use for API access, with the appropriate rights and permissions (as few as necessary is the best practice!)
Open your user profile menu by clicking on your username in the upper-right hand corner of the screen.
Click API Key.
Click Generate New Key.
Destroying and re-generating keys
If you feel that your token has been revealed or compromised in any way, then you can easily invalidate it and create a new one.
Here's how:
Make sure you're logged in as the user whose API key you want to regenerate.
Open your user profile menu by clicking on your username in the upper-right hand corner of the screen.
Click API Key.
Click Destroy Token.
Click Generate New Token.
Your old token is immediately inactivated, and you can cut and paste your new token into your API configuration.