Issue and revoke API keys
By default, you have a Master API key.
If you're concerned one of your Master API keys has been compromised, you should follow instructions to revoke the old key and issue a replacement key.
If you're integrating with multiple systems, for example, a CRM and a transaction monitoring system, you should issue one new API key for every system. You should do this for your demo account and your production account.
Issue a new API key
To issue a new API key:
Sign in to the portal with your demo or your live sign-in details.
Go to the Manage account icon and select .
Select Issue Master API Key dialog is displayed.
. TheEnter a name for your API key into the API key name field. Choose a name that's at least six letters long.
To ensure your audit reports will be easy to read, avoid using any of the names of your users as the name of your API key.
Select
. The new key is generated and displayed at the top of the list of keys. You can begin using it in your integration immediately.
If you're using allow listing, only allow listed IP addresses should have access to your master key.
Revoke an API key
Before revoking an API key, you may want to ensure the key is not being used anywhere in your integration. Once you revoke the API key, any integration using it will stop working immediately, and it is not possible to reissue an API key that has been revoked.
To revoke an API key:
Sign in to the portal with your demo or your live sign-in details.
Go to the Manage account icon and select .
Select the Delete button next to the key.
A confirmation dialog is displayed to let you know that this action cannot be undone.
Select
. The key is revoked and removed from your list of API keys.