API Keys

Generate API keys to connect external applications and services to Infodeck. API keys enable programmatic access to your organization's data.

Quick Summary

Go to Settings → API Keys to create keys for integrating external systems with Infodeck.

---

Before You Begin

Requirements

• You must be an Organization Admin or Owner
• API Keys are available on Professional and Enterprise plans only
• Have a secure location ready to store your API secret

---

Accessing API Keys

1. Click the Settings () icon at the bottom of the sidebar
2. Under Organization Settings, click API Keys
3. The API key management page displays

Admin Required

If you see a blurred or locked view, you need admin permissions or a plan upgrade. Contact your organization owner.

---

Plan Requirements

Plan	API Keys
Lite	Not available
Basic	Not available
Professional	Available
Enterprise	Available

Upgrade Required

If you see a lock icon, upgrade to Professional or Enterprise to access API Keys.

---

Creating an API Key

Step 1: Open the Create Dialog

1. Click the Create API Key button
2. The creation dialog opens

Step 2: Name Your API Key

Field	Required	Description
API Key Name	Yes	Descriptive name for this key (e.g., "BMS Integration")

Step 3: Save and Copy the Secret

1. Click Create Key
2. Important: Copy the API secret immediately

One-Time Display

The API secret is shown only once. Copy it now and store it securely. You cannot retrieve it later.

3. Click Copy to copy the secret to your clipboard
4. Store the secret in a secure location (password manager, secrets vault)

---

Understanding API Keys

Key Components

Component	Description	Example
Name	Your chosen label	"BMS Integration"
Key Prefix	Visible identifier	idk_abc123...
Secret	Full key for authentication	Shown once at creation
Status	Active or Revoked	Active

Key Prefix

The key prefix is a shortened version of your API key:

• Displayed in the list for identification
• Use it to identify which key is being used
• Not sufficient for authentication (need full secret)

---

Managing API Keys

View All API Keys

The API keys list shows:

Column	Description
Name	Key name with icon
Key Prefix	Shortened key identifier
Status	Active (green) or Revoked (red)
Last Used	When the key was last used
Created	Creation date and time
Actions	Available actions

Copy Key Prefix

1. Find the key in the list
2. Click the Actions menu (three dots)
3. Select Copy Prefix
4. The prefix copies to your clipboard

Revoke an API Key

When a key is compromised or no longer needed:

1. Find the key in the list
2. Click the Actions menu (three dots)
3. Select Revoke Key
4. Confirm the revocation

Immediate Effect

Revoking a key immediately stops all API access using that key. Any applications using the key will fail to authenticate.

Revoked Keys

After revocation:

• The key shows "Revoked" status in red
• The key cannot be reactivated
• Actions menu shows a dash (—)
• Create a new key if needed

---

Using API Keys

Authentication

Include your API key in requests to the Infodeck API:

Authorization: Bearer YOUR_API_SECRET

API Documentation

For full API documentation, including endpoints and examples:

• Visit the API Documentation
• Review authentication requirements
• Test endpoints with your API key

---

Real-World Examples

Example 1: Building Management System Integration

Situation: Your BMS needs to pull work order data from Infodeck.

Solution:

1. Go to Settings → API Keys
2. Click Create API Key
3. Enter name: "BMS Integration - Building A"
4. Click Create
5. Copy and securely store the secret
6. Configure your BMS with the API key

Result: Your BMS can now query Infodeck for work order information.

---

Example 2: Custom Dashboard Application

Situation: You're building a custom dashboard that displays Infodeck data.

Solution:

1. Create an API key named "Custom Dashboard"
2. Store the secret in your application's secure configuration
3. Use the key to authenticate API requests
4. Display the retrieved data in your dashboard

Result: Your custom dashboard shows real-time data from Infodeck.

---

Example 3: Automated Reporting Script

Situation: You need to generate automated reports from Infodeck data.

Solution:

1. Create an API key named "Automated Reports"
2. Store the secret in your server's environment variables
3. Your script uses the key to fetch report data
4. Generate and distribute reports automatically

Result: Reports are generated without manual intervention.

---

Security Best Practices

Key Management

1. Use descriptive names — Clearly identify each key's purpose
2. One key per application — Don't share keys between apps
3. Rotate keys regularly — Create new keys and revoke old ones periodically
4. Revoke unused keys — Remove keys for decommissioned integrations

Secret Storage

1. Never commit secrets to code — Use environment variables
2. Use a secrets manager — HashiCorp Vault, AWS Secrets Manager, etc.
3. Limit access — Only authorized personnel should see secrets
4. Audit access — Review who has access to API secrets

Monitoring

1. Check "Last Used" — Monitor for unexpected activity
2. Review regularly — Audit your API keys monthly
3. Investigate anomalies — Unusual usage patterns may indicate compromise

---

Troubleshooting

Can't Access API Keys

Issue	Cause	Solution
Page is blurred	Not an admin	Request admin access from owner
Feature locked	Lite/Basic plan	Upgrade to Professional or Enterprise

API Key Not Working

Issue	Cause	Solution
401 Unauthorized	Invalid key	Verify you're using the full secret
401 Unauthorized	Key revoked	Create a new API key
403 Forbidden	Permission issue	Check API endpoint permissions

Lost API Secret

Issue	Cause	Solution
Can't find secret	Shown only once	Revoke old key, create a new one

---

Related Articles

• API Documentation
• Integrations
• Settings Overview

---

Need help? Contact Infodeck Support