All Collections
API
Generating an API Key
Generating an API Key

Create an access token that allows you to use SmartSuite's REST API

Peter Novosel avatar
Written by Peter Novosel
Updated over a week ago

WARNING! Do not share your API key with anyone - it is effectively a password that allows access to everything you have permissions for. SmartSuite strongly encourages you to create non-administrator, dedicated API workspaces that have the minimum required permissions to perform their intended tasks. If your API key is compromised in any way, you can regenerate it to invalidate the old key.

API Key authentication lets SmartSuite verify the user workspace associated with a particular API call. Tokens are user-specific and confer the generating user's rights and permissions to the external application making the API call.

Note that the API key must be included in every request made to SmartSuite's API.

Generating an API Key video

Working with Your API Key

About Key Generation

SmartSuite has you generate API keys to ensure that they are unique to you, and that you have requested to allow external API calls to be made with your user workspace permissions.

With a generated key it also allows for regeneration, which creates a new key and invalidates the old one. See below for information on how to do this.

Generating a Key

If you've decided you want to enable API access for your workspace, generating an API key is easy. Just follow these steps:

  1. Make sure you're logged in as the user you want to use for API access, with the appropriate rights and permissions (as few as necessary is the best practice!)

  2. Open your user profile menu by clicking on your username in the upper-right hand corner of the screen.

  3. Click API Key.

  4. Click Generate New Key.

Generate API Key button

Destroying and re-generating keys

If you feel that your token has been revealed or compromised in any way, then you can easily invalidate it and create a new one.

Here's how:

  1. Make sure you're logged in as the user whose API key you want to regenerate.

  2. Open your user profile menu by clicking on your username in the upper-right hand corner of the screen.

  3. Click API Key.

  4. Click Destroy Token.

  5. Click Generate New Token.

Destroy token function

Your old token is immediately inactivated, and you can cut and paste your new token into your API configuration.

Related Articles
Retrieving your API Key and Workspace Id
Bulk Record Actions in the REST API
Connecting SmartSuite to WeWeb
Connecting SmartSuite to Integrately
Did this answer your question?