User guideIntegrationsAPI access
Integrations

API access

Create and manage API keys for programmatic access.

Overview

VerifyWise provides API access for programmatic integration with external applications, scripts, and automation workflows. API keys allow authenticated access to VerifyWise features without requiring interactive login.

Use API keys to build custom integrations, automate data synchronization, or connect VerifyWise with your existing tools and processes.

Accessing API keys

To manage API keys:

  1. Navigate to Settings from the main menu
  2. Select the API Keys tab
  3. View your existing keys or create new ones
Only users with the Admin role can view and manage API keys. The API Keys tab is not visible to Editors or Viewers.

Creating an API key

To create a new API key:

  1. Click "Create new key" or "Create API key" button
  2. Enter a descriptive name for the key (e.g., "Production API Key", "CI/CD Pipeline")
  3. Click Create
  4. Copy the generated key immediately
  5. Click "I copied the key" to close the dialog
Create API key modal with a key name input field and Create button
Enter a descriptive name for your API key to help identify its purpose.
Important
The API key is only shown once when created. Copy it immediately and store it securely. You cannot retrieve the key later. If you lose the key, you must create a new one.

Key naming best practices

Use descriptive names that indicate the key's purpose:

  • Environment-based: Production API Key, Staging API Key, Development Key
  • Purpose-based: Model Sync Key, Reporting Automation, CI/CD Integration
  • Application-based: Data Pipeline Key, Dashboard Integration

Key names must be between 3 and 50 characters. Each key name must be unique within your organization.

Viewing API keys

The API keys list displays the following information for each key:

  • Name: The descriptive name you assigned to the key
  • Status: Whether the key is Active or Expired
  • Created: When the key was created
  • Expires: When the key will expire
API Keys settings tab showing a list of API keys with their names, status indicators, creation dates, and expiration dates
The API Keys tab displays all your API keys with their status and expiration information.

Active keys display a green status badge. Expired keys show a warning indicator and can no longer be used for API access.

Deleting API keys

To delete an API key:

  1. Find the key in the API keys list
  2. Click the delete icon for that key
  3. Confirm the deletion when prompted
Deleting an API key immediately invalidates it. Any applications using the key will lose access. This action cannot be undone.

Using API keys

To authenticate API requests, include your API key in the request headers:

Include the key in the Authorization header as a Bearer token:

  • Header name: Authorization
  • Header value: Bearer YOUR_API_KEY

Security best practices

  • Never share keys: Keep API keys confidential. Do not share them in emails, chat, or version control.
  • Use environment variables: Store keys in environment variables rather than hard-coding them in applications.
  • Rotate regularly: Periodically create new keys and delete old ones to limit exposure.
  • Use separate keys: Create separate keys for different environments and purposes.
  • Monitor usage: If you suspect a key has been compromised, delete it immediately and create a new one.
  • Limit access: Only administrators should have access to API key management.

Key expiration

API keys have an expiration date set when created. Monitor your keys and create new ones before existing keys expire to maintain uninterrupted access.

When a key expires:

  • The key status changes to Expired
  • API requests using the key will be rejected
  • You must create a new key and update your applications

Troubleshooting

Receiving 401 Unauthorized errors

  • Verify the API key is correct and complete
  • Check that the key has not expired
  • Ensure the Authorization header is properly formatted
  • Confirm the key has not been deleted

Lost API key

If you lose an API key, you cannot retrieve it. Create a new key and update your applications to use the new key. Delete the old key if it is no longer needed.

Frequently asked questions

How many API keys can I create?

There is a limit on the number of API keys per organization. If you receive an error about reaching the maximum, delete unused keys before creating new ones.

Why am I getting a duplicate name error?

Each API key must have a unique name within your organization. If a key with that name already exists, choose a different name or delete the existing key first.

What permissions does an API key have?

API keys provide access to VerifyWise API endpoints based on the permissions available to your organization. The specific endpoints and operations available are documented in the API reference.

Are there rate limits?

API requests may be subject to rate limiting to ensure platform stability. If you encounter rate limit errors, reduce the frequency of your requests or contact support for guidance.

Related articles

Integration overview

View all available integrations

Role configuration

Understand roles and permissions

PreviousSlack integration
NextMLflow integration
API access - Integrations - VerifyWise User Guide