Need to push testimonials into VideoTestimonials from an external system? API keys let any tool โ your backend, a CRM webhook, a Zap, a cron job โ read and write data in your workspace programmatically.
Create a key
- Go to Dashboard โ Settings โ API Keys.
- Click + Create New Key.
- Enter a name (something descriptive like "HubSpot webhook" or "Internal cron").
- Pick the scopes you want: Read, Write, Delete. Most integrations only need Read + Write.
- Generate.
The full key is displayed once, right after creation. Copy it immediately โ we store it hashed, so if you close the modal without copying, you'll need to generate a new one.
Using the key
Pass the key as a bearer token in the Authorization header:
Authorization: Bearer sk_live_<your-key>
All our public endpoints under /api/v1/ accept this header.
Key scopes
- Read โ list spaces, testimonials, forms, walls.
- Write โ create new testimonials, update status, tag.
- Delete โ remove testimonials (dangerous โ only grant when required).
Rotating and revoking keys
- On the API Keys page, the last used column shows when each key last authenticated. If a key hasn't been used in months, it's safe to delete.
- To rotate a key, create a new one, update your integration to use the new key, then delete the old one.
- Revoke immediately if a key leaks โ we can't restore a revoked key, you'll need to issue a fresh one.
Audit log
Every request made with an API key is logged with timestamp, endpoint, and outcome. Contact support if you need an export of the log for a security review.