Developers
API keys
Create keys to call the Flowdexa REST API from your own systems and integrations.
For: Developer or admin
Walkthrough video
API keys walkthrough
A short product video or annotated screenshot showing this from the user's point of view.
How it works
Follow these steps to get it set up and working.
- 1Open Settings → API Keys and choose Generate key.
- 2Give it a label and pick a scope — read-only for reporting, or read + write for automation that changes data.
- 3Copy the key once — only its prefix is shown afterward.
- 4Send it on every request as Authorization: Bearer <key> (or the x-api-key header).
- 5Mind the rate limit (higher on Business) and the standard x-ratelimit-* response headers.
- 6Revoke a key the moment a teammate leaves or a vendor contract ends.
What this connects to
The records and settings involved behind the scenes.
- Scope
- Read keys can't write; read+write keys can create and update. Give each integration the narrowest scope it needs.
- Rate limits
- Requests are rate-limited per key by plan; responses carry the limit, remaining, and reset headers.
- Audit log
- Actions taken with a key are recorded in the audit log under an api_key actor, so integration activity is traceable.
- Webhooks
- Pair keys (pull) with webhooks (push) for a complete two-way integration.
Outcome
What you get
External systems can read and write Flowdexa data securely, with scoped, revocable, rate-limited keys.