API Key

Legacy Alert! This feature should only be used if a 3rd party developer asked for the encryption key. The encryption key is only needed for the Legacy authentication method. If you are unsure if you should use this please talk with the 3rd party developer to find out. If you are attempting to set up a new integration please visit https://developer.keap.com/get-started/. 

1. Click your profile icon and select Settings in the menu.
   
   
2. Select API settings from the list
   
   
   
3. Personal Access Tokens - Any user of the app can create a personal access token, but it operates under the user context of the user creating it. Scopes can be used to limit access, but user permissions are the limiting factor with the highest priority. Intended for casual/entry level developers, developers who want to play around with the API, or developers who want a simple authentication experience scoped to a single user and are less concerned about security.
4. Service Account Keys - Only admins can create a service account key as it will grant admin access to all of the API. Scopes can be used to limit access. Intended for trusted applications integrating with the API.
   1. Click the plus icon on the key would like to create
      
      
      
   2. Enter a name that will distinguish this key from others and click Authorize
      
      
      

   3. Copy the key and save it to a safe place as you will no longer be able to access it again!

      
      

   4. In the future if you are no longer actively using a key we recommend that you remove it by clicking the icon on the same row to prevent unauthorized usage. You will be prompted to confirm, and if you do so the key will be removed. It may take several minutes for this deletion to propagate through our gateway.
      
      
   5. Now you can then use this key to make any normal API call necessary against the full Keap API
      
      

5. URI:  https://api.infusionsoft.com Headers:  "X-Keap-API-Key": "ProvideYourKeyHere"

   1. Be sure to treat your API Key as a protected secret, never committing it to source code repositories or deploying it alongside your application code. It is effectively a “password” for your own personal authorization to access data on your behalf.
   2. Quotas and Throttles:
      1. 5 Queries per Second
      2. 120 Queries per Minute
      3. 15000 Queries per Day
6. Legacy API Key - Essentially, the Legacy API Key is the same thing as a Service Account Key, but you can only have one active at a time. To create a new Legacy API key, click the Generate Legacy Key button, and enter a passphrase.
   
   
   
   
7. To generate a new Legacy API Key, click the Replace Legacy Key button and enter a new passphrase.