Creating and managing API keys

With the ChartMogul API, you can connect to other applications and services to import data for ChartMogul Subscription Analytics and CRM, enrich customer records with custom attributes, notes and call logs or share subscription metrics outside your organization — just to name a few. Learn more about our API.

The first step in setting up API access to ChartMogul data and analytics is to create an API key. ChartMogul allows you to create multiple API keys, and we strongly encourage you to use a separate key for each external application or service you connect to ChartMogul.

For example, you import billing data for customers who pay outside your billing system and share your ChartMogul subscription analytics on an external dashboard. Or, you acquire leads through a website form and enrich your lead data with call summaries generated by a video conferencing tool. You should create a separate API key for each of these integrations. This way, if you need to revoke access to one integration, you won’t disrupt access to the other. Please read our recommendations on securing API keys carefully before getting started.

You’ll also use API keys — with the help of QR codes — to access key SaaS metrics using the ChartMogul mobile app.

Here’s what we cover in this article:

Resources and further reading:

Securing your API keys

Each API key provides external access to your ChartMogul data and analytics. As such, we strongly encourage you to keep your API keys secure. Here are a few best practices:

  • Create separate API keys for each application, service and mobile device you connect to ChartMogul.
  • Set the Access Level to Read-only unless your integration requires read and write access to your data.
  • Periodically regenerate keys to limit the impact of a key that has been accidentally shared or leaked. Similarly, delete API keys you no longer need or use.
  • Don’t embed keys directly in code nor store them in files inside your app’s source tree.
Each time you create, update, or delete an API key, ChartMogul sends an email notification to the user associated with the key and account admins.

Creating an API key

Screenshot of the API page, with a table listing various API keys and a link above the table saying, “Add API Key”.

Create an API key by navigating to  Profile > View Profile > API keys. Then:

  1. Click Add API Key.
  2. Enter a unique name for the key in the Name field.
  3. If you’re a Staff, Admin, or Owner set the Access Level to either Read-only or Read & Write.
  4. Click Add to create the key.

Click the Reveal   icon to see the actual key and the Copy   icon to copy it to your clipboard.

To scan the key, click the QR Code   icon.

Managing API keys

You’ll need to be an Owner or Admin to manage API keys for other users. Read more about user roles and permissions.

View and manage API keys by navigating to Settings & Data > Admin > API Access Manager.

Screenshot of the API Access Manager table, as described here, with various example API keys

There, you’ll find the API Access Manager table with the following details:

  • Name — the name given to the API key when it was created
  • Access Level — the type of access granted, either Read-only or Read & Write
  • User — the user the API key belongs to
  • Created — the date the API key was created
  • Role — the user’s role
  • Status — the API key’s current status, either Active or Disabled

Click the Settings   icon to disable, enable or delete an API key.

Working with API keys

Admins and Owners can manage API keys for other users using the API Access Manager.

After creating an API key, there are several actions you may want to perform, such as revealing the key, regenerating the key or disabling/enabling/deleting the API key. We cover how to perform each of these in the following sections.

Start by finding your API key. Navigate to  Profile > View Profile and locate the key in the API Keys table.

Revealing an API key

Click the Reveal   icon to see the actual key and click the Copy   icon to copy it to your clipboard.

To scan the key, click the QR Code   icon.

Editing an API key

To change an API key’s name, click the Settings   icon. In the Edit API Key pop-up, change the Name as needed. Then click Update.

Regenerating an API key

This action is permanent and cannot be undone. You’ll need to be an Owner to regenerate the primary API key.

Regenerating an API key revokes API access by having ChartMogul generate a new key. You should regenerate keys both periodically and any time you suspect a key has been compromised.

Click the Settings   icon. In the Edit API Key pop-up, click Regenerate.

Disabling an API key

Disabling an API key temporarily (but not irreversibly) stops its API access and is useful when auditing which keys are still in use and when you suspect a key has been compromised.

Click the Settings   icon. In the Edit API Key pop-up, click Disable.

Deleting an API key

This action is permanent and cannot be undone.

Deleting an API key permanently stops its API access. Delete API keys when you no longer need them.

Click the Settings   icon. In the Edit API key pop-up, click Delete.

Impact of downgrading a user’s role on their API keys

Downgrading a user’s role to Lite or Read-only impacts their API keys:

  • When you downgrade a user’s role to Lite, ChartMogul deletes all of the user’s API keys.
  • When you downgrade a user’s role to Read-only, ChartMogul deletes the user’s read & write API keys. (No changes are made to their read-only API keys.)

Learn more about user roles and permissions.

Was this article helpful?

We’re sorry to hear that. Would you like to share more feedback?


Thanks for your feedback!