← All documentation

API & integrations

Authentication & key access levels

Bearer token format, full vs restricted keys, and how to create keys safely.

Authorization header

Authorization: Bearer sk_live_xxxxxxxxxxxxxxxx

Access levels

LevelScopesUse for
Full accessread + writeZapier lead sync, provisioning scripts, write integrations
Restrictedread onlyReporting dashboards, analytics pulls, read-only audits
Keys are shown once at creation. Store them in a secrets manager — never commit keys to git or expose them in client-side JavaScript.