Getting and Using ClearPoint API Keys | ClearPoint Strategy

Getting and Using ClearPoint API Keys

This article explains how to generate API keys that can be used to integrate apps with your ClearPoint account. This feature is available for Enterprise accounts.

Feature available for Enterprise Plan customers

In This Article

What is an API and what are API keys?

API stands for application programming interface. An API is the messenger that runs and delivers your request to the provider you’re requesting it from, and then delivers the response back to you. It can also be helpful to envision the API as a way for different apps to talk to one another. If you would like to know more about ClearPoint’s API, please visit our API support article.

API keys allow other apps to access your account without you giving out your password. You will need to generate an API Key if you would like to integrate an app with your ClearPoint account.

Note: Data Loader Keys will now be separate from API Keys. For instructions on Data Loader Keys, see Data Loader 2.0.

Getting API keys

To create new API keys, open System Settings in the control panel. Click on Admin Options.

Click on API Keys.

Click on the plus icon to create a new API Key. In the window, fill out the required fields. Give the API key an API Key Name. We recommend using the name of the application that will be using the key for organization. Select an expiration date under Expires. Your account will automatically be the Mapped User Account. Only elements that the mapped user can access will be accessible via this API key. You can change the Mapped User Account if you would like the API key to be based on the account credentials and permissions of a different user.

Note: The API key allows external applications to perform actions “on behalf” of the mapped user. The mapped user name will appear in Revision History.

Using API keys

From the API key window, you can delete, view and edit, existing API keys. To delete a key, click on the trash icon. If you suspect that an API key has been compromised or you no longer use the integration that was accessing your account through an API key, you should disable that API key by deleting the key. To view a key, click on the key icon. A new window will appear with the Access Key and Secret Key. To edit a key, click on the edit icon. You can change information about the API key such as the name, expiration date, and mapped user.

To use your new API keys, add them as headers for any HTTP call that you wish to make. ClearPoint API keys have two different parts. The first part is the Access Key and the second part is the Security Key. The header keys should be “accessKey” and “secretKey”.

Note: It is important to note that both keys need to be included as request headers when making calls to the ClearPoint API. These are highly sensitive and should never be shared with others.

Using API keys when you are not an Administrator

If you are not an admin, you can still use API keys generated for you by an admin. To see API keys generated for your user, click on your user profile on the upper right corner. Click Edit Profile in the dropdown menu. Navigate to the Security tab to view the API keys generated for your user.

API Key Security

Please treat your API Keys as if they were username and passwords.  All someone needs to log into your account is this key!

If you suspect that an API key has been compromised, or you no longer use the integration that was accessing your account through a particular API key, you can disable that API key. To disable an API key, click the trash icon next to the API key name.