Skip to main content

Managing Your API Keys

Last updated March 2020

**Configuration Change. ** As of version 4.1, API authentication is enabled by default. For instructions to disable it, see Enforcing REST API/UI User Authentication . Version 4.2 and later add View Adaptive Delivery Data grant type.

When API authentication is enabled, all APIs require that you authenticate with every request by providing an Authorization header with a value equal to a valid API key. The API key must have the appropriate permissions to use the API. Using the UI, administrators can view details about the existing API keys, create new API keys, update existing API keys, and delete API keys no longer need.

Click admin in the upper-right corner, as shown in “admin Username”, to open the Settings section.

Viewing Your API Keys

The Settings section provides a tabular view of your existing API keys, as shown in “API Keys Table”. The following information is displayed in the table for each API key:

  • Key - Label specified when you created the API key

  • Permissions - Valid grant types for which the API key will have access

API keys can access any resource you give them access to except for the user resources. This restriction is for security reasons. An API key should not be able to modify users. If your key gets loose, this restriction prevents it from being used to gain unfettered access to your system accounts. In “API Keys Table”, example_api_key has access to metrics, webhooks, and transmissions.

To create an API key that meets your specific requirements, you must understand the permissions required by each API. Table 44.1, “Grant Types” gives a mapping of the permissions for a given grant type.

View MetricsGET requests on /api/v1/metrics
View Adaptive Delivery DataGET requests on /api/v1/adaptive-delivery
View WebhooksGET requests on /api/v1/webhooks
Modify WebhooksGET, POST, PUT, DELETE requests on /api/v1/webhooks
View TemplatesGET requests on /api/v1/templates
Modify TemplatesGET, POST, PUT, DELETE requests on /api/v1/templates
Preview TemplatesPOST requests on /api/v1/templates
View TransmissionsGET requests on /api/v1/transmissions
Modify TransmissionsGET, POST, PUT, DELETE requests on /api/v1/transmissions
Send via SMTPAllow this API Key to perform SMTP injection (Note that your configuration must support SMTP authorization.)
Manage recipient listsGET, POST, PUT, DELETE requests on /api/v1/recipient-lists
Was this page helpful?