Skip to main content

API Key Authentication

This method is exclusively for customers,if you are current or future partner you will need to create an OAuth app to use our API endpoints.

Using an API key is a way outside of the OAuth. flow to gain access to the Salesloft Public API. API Keys can be used to access the API on behalf of the issuing user.

Provisioning an API Key

You can create apps via your Salesloft Account →Your Applications →API Keys → Create New.

New API Key Page

 

Input a descriptive name that will help you identify your key and click Submit. The next screen will show your assigned key.

API Key View

 

Our API Keys take the form "ak" followed by a 64 character hexadecimal string:

ak_de656ec86bcab24878c24ff4d86758f8963d8ea6bcd4e90f8fae846ba8f9ac62

You can go to Salesloft Account →Your Applications →API Keys to see all of the keys associated with your user.

Protecting an API Key

API Keys function like logins, so keep them protected and never use them in publicly accessible code, like front end applications.

Protecting an API Key is extremely important for reasons such as:

  • Unauthorized API requests: if someone has your API Key they can impersonate and make requests or delete your information without your knowledge or permission

In order to protect you and your organization here are some things to keep in mind:

  • Never use or hard code them in publicly accessible code, like front end applications.
  • Use environment variables(env) or .gitignore file to store your API keys
  • Consider using a key management service

Revoking an API Key

You can go to Salesloft Account →Your Applications →API Keys to see all of the keys associated with your user and choose the one that you want to revoke/delete.

Authorizing Requests

All requests that go to the Salesloft API using API Keys will need to follow the HTTP Authorization Header format below:

Authorization: Bearer YOUR_API_KEY