Integrations
      Back to home
      1. AngelTrack Knowledge Base
      2. General Topics
      3. Integrations

      API Keys for AngelTrack's APIs

      To access AngelTrack's APIs, your application must have an API key.

      This article discusses AngelTrack's API key system, which is used to authorize third-party applications to exchange data with your AngelTrack server.

      CADAPI.256x192

      Uses of API Keys

      The following AngelTrack APIs use API keys:

      AngelTrack's various other integrations are outbound and so will have their own authentication systems as required by the third party.

      API Key Creation and Configuration

      To create or modify an API key, login to AngelTrack with Administrator privileges, go to Settings, and click on the API Configuration item.

      Your existing API keys are shown. Click Add-Sep-21-2022-08-52-48-77-PM to add a new one.

      Each API key has the following parameters:

      Access key: This acts as the password, which the third-party app uses to authenticate itself.

      Name: A freetext description that you choose to help you remember each API key's purpose. You can change the name at any time without impacting the API key's function.

      Active: Untick this box to deactivate the API key. It will cease to function within four minutes of your deactivating it.

      API privileges: Specify which AngelTrack APIs and integrations will accept the API key.

      Proxy employee: Select an AngelTrack employee record as the proxy. All activities performed using the API key will be attributed to this employee. For example, if the API key is used to book a new dispatch, the dispatch will show that it was created by this employee. See below for details.

      Re-Key

      At any time you can re-key an API key, by visiting the API Key Edit page and clicking the "Re-Key" link.

      After you save a re-keyed API key, the old one will continue to work for 4 hours, giving you time to input the new API key into the third-party application.

      Deactivation and Reactivation

      You can deactivate and reactivate your API keys as you see fit, in the usual way. Obviously, a deactivated key will be rejected if anyone attempts to use it to access AngelTrack.

      Proxy Employee

      Each API key specifies a proxy employee record, in whose name all API activities will be logged.

      To prevent unintended disruption of your API activity, AngelTrack ignores the proxy employee record's security roles.

      Likewise the proxy employee record can be marked 'inactive', if you do not wish to allow a human to use it for ordinary AngelTrack access. Inactive employee accounts can still act as proxy accounts for an API key. The only way to disable an API key's access is to rekey or deactivate the key itself.