Create an API Key

API keys authenticate external applications that connect to TrueContext through the TrueContext REST API. Each key links to a named application and controls its access level. Create an API key when you want to integrate a third-party system or custom application with TrueContext.

Available on all tiers:

Contents

• Create an API Key
  • Considerations
  • Prerequisites
  • Steps
  • Reset an API key secret
  • Use an API key to authenticate
  • View and monitor API keys

Considerations

• Each account is limited to 2,500 API calls per day, shared across all API keys. This limit resets daily at 00:00 UTC. To check your remaining calls, go to the API Keys page (Users & Groups > API Keys).
• You can create up to 3 API key applications per account. To create an additional API key when you reach this limit, first delete an existing application.
• Each application supports a maximum of 3 concurrent connections.

Prerequisites

• To create or view API keys, you must be a TrueContext admin.
• To create an API key, your account must have fewer than three existing API key applications. Go to Users & Groups > API Keys to check your current application count.

Warning:A full-access API key has the same permissions as an Admin user. A read-only key has fewer permissions but can still access sensitive company information. Store your API Key An API Key is used to authenticate calls to the TrueContext REST API. An admin creates the API Key in the TrueContext Web Portal to generate the necessary credentials to connect to the API. ID and Secret according to your company's security policies.

Steps

1. In the Web Portal, go to Users & Groups > API Keys > Create an API Key.

   Result: The Create an API Key page opens.

2. In the Name field, enter a name for the API key application.

   Use a name that identifies the connected system — for example, Salesforce Integration or Custom Reporting App.

3. Optional: In the Description field, enter a description of the application's purpose.

4. Optional: To restrict this key to read-only access, select Read-Only in the Access section.

   A read-only key can retrieve data but can't create, update, or delete records through the API.

5. To save the key, select Create.

   Result: The API Key details page opens with the API Key ID and API Key Secret.

6. Copy the API Key Secret and store it in a secure location.

   Warning:This is the only time the API Key Secret is visible. You can't retrieve it after leaving this page. If you lose it, you must reset it.

Reset an API key secret

If an API key secret is lost or compromised, reset it to generate a new one.

Warning: Resetting the secret invalidates it immediately. After resetting, update any integrations or requests that used the previous secret.

1. In the Web Portal, go to Users & Groups > API Keys > List API Keys.

2. Select the API key from the list.

   Result: The API Key details page opens.

3. Select Reset API Key Secret, and then select OK.

   Result: The system generates a new API Key Secret.

4. Copy the API Key Secret and store it in a secure location.

   Warning:This is the only time the API Key Secret is visible. You can't retrieve it after leaving this page. If you lose it, you must reset it.

Use an API key to authenticate

The TrueContext REST API The TrueContext REST API enables developers to update and manage data communicated between TrueContext and their external, third-party systems. Admins can call our API endpoints after they set up an API application and API Key. uses Basic access authentication. Include a Basic Authorization header in each request:

Component	Value
Header	Authorization: Basic <credentials>
<credentials>	The Base64-encoded string API_Key_ID:API_Key_Secret

To build the credentials, concatenate your API Key ID and API Key Secret with a colon, then Base64-encode the result as a single string. Encode them together, not separately.

Note:Base64 encoding is not encryption. Treat your encoded credentials with the same care as a password.

View and monitor API keys

The API Keys page shows all applications connected to your account. Go to Users & Groups > API Keys > List API Keys to open it.

The page shows your total API call count, along with the remaining daily call balance at the top, then lists each application in a table.

Column	Description
Name	The application name you assigned when creating the key. Select the name to open the key's details.
API Key ID	The unique identifier for the key, in the format PFK-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx. Provide this value to the developer or application that needs to authenticate API requests.
Call Count	The number of daily API calls this key has made, this count resets daily at 00:30 UTC.
Last Call Timestamp	The date and time of the most recent API call made with this key.