About API Keys

In this article, we'll cover what an API is, how to use an API key to grant access to your Activetrail account, and where to go for support with any additional questions that you may have about the Activetrail API Reference.

What Is an API?

API stands for application programming interface It can be helpful to think of the API as a way for different apps to talk to one another. For many users, the main interaction with the API will be through API keys, which allow other apps to access your account without you giving out your password.

Find or Generate Your API Key

If you want to set up an integration with your Activetrail account, chances are high that you'll need to generate an API key. Users with Manager permissions on our web app can generate and view their own API keys. Below, you'll learn how to grab an existing API key or generate a new one.

  1. Click your account (top right) to expand the Account Panel, and choose Settings.
  2. Click the API apps tab menu.
  3. Copy an existing API key by opening one and copy the token (“Access token”) or click the New button.
  4. Name your key descriptively, so you know what application uses that key.
  5. You can add Authorized ips so your key can only be used from a specific IPs.
  6. Add Expiry date if you want to impose a time limit on connection to the key.

Disable an API Key

If you're worried that an API key has been compromised, or you no longer use the integration that was accessing your account through a particular API key, you can disable that API key. Follow the steps below to disable the API key.

  1. Click your account (top right) to expand the Account Panel and choose Settings.
  2. Go to API apps tab.
  3. Click the Extras menu and choose API keys.
  4. Find the API key you want to disable, open it and uncheck the Active checkbox and click save.

API Key Security

API keys grant full access to your Activetrail account and should be protected the same way you would protect your password. In particular, there are a few common scenarios to keep in mind when working with API keys.

  • Give each integration its own API key, and write a description for each key so you know which key goes with which application. If a specific API key is compromised, you can disable that key without disabling access to all of your other integrations.
  • If you know what IPs a specific Access token will work from, add the IPs to Authorized ips (comma separated) to limit access.
  • You can limit test / development Access tokens by giving them an Expiry date.
  • Be careful not to expose the key to the public (such as in screenshots, videos, or help documentation). Remember that blurring your data isn't always enough. It's best to use "cut" functions in your graphics program to remove the data completely.
  • If a key needs to be shared, generate a new key and label it accordingly so it can be disabled, if needed. Never email the API key, because it would allow access to your Activetrail account if hackers were to compromise your email account.
  • If you revoke a user's access to your Activetrail account, any API keys created by the user will be removed from your account.

API Support

Our Activetrail Support Team isn't trained for in-depth API troubleshooting. If you need a developer to help you configure something using the API, it can take up to a week to for an Activetrail expert to help out. If you're a developer who wants to build your own integration with Activetrail, check out our API documentation.