Generating an API key 

How to generate an API key

In order to generate an API key for your workspace, you must be an admin. If you're not an admin for your workspace, you can ask an admin to complete the following steps:

  • From the dropdown beside your workspace name, click Workspace settings
  • Click the Developers tab
  • Click Create a new integration
  • Give your integration a name, plus an optional description and avatar
  • Set the appropriate Scopes for the integration
  • Treat access tokens like passwords - they contain sensitive information. Learn more about keeping your data safe
The Developers tab is shown where new integrations can be created and managed
Create a new integration in the Developers tab in Workspace settings

Once you've created a new integration, click the Access tokens dropdown to manage your access tokens. You can copy existing tokens to your clipboard, or add new ones. 

A dropdown shows where you can copy your tokens to your clipboard
Use the dropdowns to copy access tokens to your clipboard and make changes

Fine-tune the settings for your integration using the Scopes, OAuth, and Webhooks dropdowns.

To make changes to your integrations or delete them, you can always return to the Developers tab in Workspace settings. Learn more about using Attio's API.

Keeping your data safe

Your API keys should be treated as highly sensitive information - think of a token like a password. You should only give tokens to services you fully trust.

Scopes should be used to limit how much access a token has to your Attio data. Use the Scopes dropdown when configuring an integration to fine-tune its access.

If leaked, tokens could be used maliciously - they can provide someone with access to all of your Attio data. If you suspect a token has been compromised, revoke it and replace it with a new one.

Note: Tokens should never be shared with the Attio support team - we'll never ask you for them.

Revoke an access token

Workspace admins can permanently revoke access tokens from the Developers tab of Workspace settings.

To revoke a token, click on the icon beside the integration name. Click Manage integration from the dropdown. Next click the icon beside Access tokens. Locate the token you wish to revoke and click the trash can icon beside it to permanently delete it.

Couldn't find something?

Send us a message in the chat on the right ✌️

© 2023 Attio Ltd. All rights reserved.
We use cookies to improve your experience. You can opt out of certain cookies. Find out more in our privacy policy.