With the ChartMogul API, you can connect to other applications and services to import billing data, add custom attributes, or even share subscription metrics outside your organization — just to name a few. Learn more about our API.
The first step with setting up API access to subscription data and analytics is to create an API key. ChartMogul allows you to create multiple API keys, and we strongly encourage you to use a separate key for each external application or service you connect to ChartMogul.
For example, you import billing data for customers who pay outside your billing system and share your ChartMogul subscription analytics on an external dashboard. You should create a separate API key for each of these integrations. This way, if you need to revoke access to one integration, you won’t disrupt access to the other. Please read our recommendations on securing API keys carefully before getting started.
You’ll also use API keys — with the help of QR codes — to access key SaaS metrics using the ChartMogul mobile app.
Here’s what we cover in this article:
Resources and further reading:
Securing your API keys
Each API key provides external access to your ChartMogul subscription data and analytics. As such, we strongly encourage you to keep your API keys secure. Here are a few best practices:
- Create separate API keys for each application, service, and mobile device you connect to ChartMogul.
- Set the Access Type to Read-only unless your integration requires read and write access to your data.
- Periodically regenerate keys to limit the impact of a key that has been accidentally shared or leaked. Similarly, delete API keys you no longer need or use.
- Don’t embed keys directly in code nor store them in files inside your app’s source tree.
Creating an API key
Create an API key by navigating to Profile > View Profile. Then:
- Under API Keys, select New API Key.
- Enter a unique name for the key in the Name field.
- If you’re a Staff, Admin, or Owner set the Access Type to either Read-only or Read & Write.
- Click Add to create the key.
Click the Reveal icon to see the actual key and the Copy icon to copy it to your clipboard.
Managing API keys
View and manage API keys by navigating to Profile > Admin > API Access Manager.
There, you’ll find the API Access Manager table with the following details:
- Name — the name given to the API key when it was created
- Access Level — the type of access granted, either Read-only or Read & Write
- User — the user the API key belongs to
- Created — the date the API key was created
- Role — the user’s role
- Status — the API key’s current status, either Active or Disabled
Click the Settings icon to disable, enable, or delete an API key.
Working with API keys
After creating an API key, there are several actions you may want to perform, such as revealing the key, regenerating the key, or disabling/enabling/deleting the API key. We cover how to perform each of these in the following sections.
Start by finding your API key. Navigate to Profile > View Profile and locate the key in the API Keys table.
Revealing an API key
Click the Reveal icon to see the actual key and click the Copy icon to copy it to your clipboard.
Editing an API key
To change an API key’s name, click the Settings icon. In the Edit API Key pop-up, change the Name as needed. Then click Update.
Regenerating an API key
Regenerating an API key revokes API access by having ChartMogul generate a new key. You should regenerate keys both periodically and any time you suspect a key has been compromised.
Click the Settings icon. In the Edit API Key pop-up, click Regenerate.
Disabling an API key
Disabling an API key temporarily (but not irreversibly) stops its API access and is useful when auditing which keys are still in use and when you suspect a key has been compromised.
Click the Settings icon. In the Edit API Key pop-up, click Disable Key.
Deleting an API key
Deleting an API key permanently stops its API access. Delete API keys when you no longer need them.
Click the Settings icon. In the Edit API key pop-up, click Delete Key.
Impact of downgrading a user’s role on their API keys
Downgrading a user’s role to Lite or Read-only impacts their API keys:
- When you downgrade a user’s role to Lite, ChartMogul deletes all of the user’s API keys.
- When you downgrade a user’s role to Read-only, ChartMogul deletes the user’s read & write API keys. (No changes are made to their read-only API keys.)
Learn more about user roles and permissions.