API Key Management

Create and manage API keys for external integrations.

API keys provide secure access to the External API for third-party tools and custom integrations. Each key can have specific scopes to limit access.

Creating an API Key

  1. Navigate to Settings > API Keys in the dashboard
  2. Click Create API Key
  3. Enter a descriptive name (e.g., "GTM Dialer Production")
  4. Select the required scopes for your integration
  5. Optionally set an expiration date
  6. Click Create
  7. Important: Copy the key immediately. The full key is only shown once.

Key Format

API keys follow this format:

ee_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  • ee_ - Enrich Engine prefix
  • live_ - Environment indicator
  • xxx... - Unique key identifier

Available Scopes

ScopePermissions
lists:readView lists, list metadata, and list counts
lists:writeCreate, update, and delete lists
leads:readView lead details including contact information
leads:writeCreate, update, and delete leads

Security Best Practices

Never expose keys in client-side code

API keys should only be used in server-side code or secure backends. Never include them in JavaScript bundles, mobile apps, or public repositories.

Use environment variables

Store API keys in environment variables, not in code:

# .env file
ENRICH_API_KEY=ee_live_xxxxxxxxxxxxx

# Access in code
const apiKey = process.env.ENRICH_API_KEY;

Principle of least privilege

Only grant the scopes your integration actually needs. If you only need to read lists for a dialer, don't include write scopes.

Rotate keys regularly

Create new keys periodically and revoke old ones. Set expiration dates for keys that don't need indefinite access.

Use separate keys per integration

Create a unique key for each integration. This allows you to revoke access to one integration without affecting others.

Managing Keys

In the API Keys section of Settings, you can:

  • View all keys - See key names, prefixes, scopes, and last used timestamps
  • Revoke keys - Immediately disable a key (cannot be undone)
  • Rename keys - Update the display name for organization

Note: You cannot view the full key after creation, only the prefix (e.g., ee_live_abc...). If you lose a key, create a new one.

Troubleshooting

401 Unauthorized

  • Verify the key is correct and hasn't been revoked
  • Check the header format: X-API-Key: ee_live_xxx
  • Ensure the key hasn't expired

403 Forbidden

  • Check that the key has the required scopes for the endpoint
  • Verify you're accessing resources in the key's organization