Kaana

API keys are credentials that allow you to:

- Access the Kaana API programmatically
- Build custom integrations
- Automate workflows
- Connect third-party tools

1. Go to Settings
2. Select API Keys

Enter a name for the key (e.g., "Zapier Integration")

Copy the key immediately - it's only shown once!

1. Click + Create API Key
2. Enter a name for the key (e.g., "Zapier Integration")
3. Click Create
4. Copy the key immediately - it's only shown once!

Include owner if shared: "John's Dashboard Key"

- Include the purpose: "Slack Integration"
- Include environment: "Dev Testing Key"
- Include owner if shared: "John's Dashboard Key"

- Key name
- Created date
- Last used date
- Status (active/revoked)

You cannot view the full key after creation.

Include the key in the Authorization header:

curl -X GET "https://app.kaana.com/api/projects" \

<code>-H "Authorization: Bearer abc123def456..." \</code>

<code>-H "Content-Type: application/json"</code>

fetch('https://app.kaana.com/api/projects', {

<code>'Authorization': 'Bearer abc123def456...',</code>

<code>'Content-Type': 'application/json'</code>

<code>response = requests.get('https://app.kaana.com/api/projects', headers=headers)</code>

If a key is compromised or no longer needed:

Go to Settings &gt; API Keys

1. Go to Settings &gt; API Keys
2. Find the key
3. Click Revoke
4. Confirm revocation

Revoked keys immediately stop working. This cannot be undone.

- Never share keys publicly
- Don't put keys in source code
- Use environment variables
- Don't email keys

- Use a secrets manager
- Use environment variables
- Encrypt at rest

- Storing in plain text files
- Committing to git repositories
- Sharing via unsecured channels

1. Create a new key
2. Update your integrations
3. Revoke the old key

- Create separate keys for different uses
- Revoke keys you no longer need
- Audit key usage regularly

API keys inherit your account permissions:

If you're an admin, the key has admin access

You can only access your organization's data

- If you're an admin, the key has admin access
- Tenant isolation is enforced
- You can only access your organization's data

Verify the key is correct (no extra spaces)

Ensure you're using Bearer authentication

- Verify the key is correct (no extra spaces)
- Check if the key was revoked
- Ensure you're using Bearer authentication

Verify you have permission for the action

Confirm you're accessing the correct tenant

- Verify you have permission for the action
- Check if your account is active
- Confirm you're accessing the correct tenant

Create a test request to <code>/api/user</code>

If it works, the issue is with the specific endpoint

If it fails, the key may be revoked or invalid

1. Create a test request to <code>/api/user</code>
2. If it works, the issue is with the specific endpoint
3. If it fails, the key may be revoked or invalid

- Standard: Up to 5 active keys
- Enterprise: Unlimited keys

API keys share your account's rate limits:

- 100 requests/minute (standard)
- Higher limits for enterprise

Name keys descriptively - Know what each key is for

Store securely - Use environment variables or secrets managers

Rotate regularly - Replace keys periodically

Revoke when done - Remove unused keys

Monitor usage - Watch for unusual activity

1. Name keys descriptively - Know what each key is for
2. Store securely - Use environment variables or secrets managers
3. Rotate regularly - Replace keys periodically
4. Revoke when done - Remove unused keys
5. Monitor usage - Watch for unusual activity
6. Use Separate Keys - One per integration

Learn how to create and manage API keys for programmatic access.

API Keys

Home

Privacy Policy

Terms of Service

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

API Keys

What are API Keys?

Accessing API Key Settings

Creating an API Key

Generate a New Key

Key Naming

Viewing Your Keys

Using Your API Key

In API Requests

Example with cURL

Example with JavaScript

Example with Python

Revoking Keys

Security Best Practices

Keep Keys Secret

Store Securely

Rotate Keys

Least Privilege

Key Permissions

Troubleshooting

"Invalid API Key" Error

"Unauthorized" Error

Key Not Working

Limits

Number of Keys

Rate Limits

Best Practices Summary