Personal Access Tokens & Service Account Keys

Sometimes you just want to write a quick script to accomplish some task, such as:

  • Month-end reporting
  • Integrating a back-office system to Keap
  • Populating data to a spreadsheet

Fortunately, we provide a simple solution: by using Personal Access Tokens and Service Account Keys your own API Keys to use the Keap API anytime you need to access your data!


  • Personal Access Tokens

    Any user of the app can create a Personal Access Token, but it operates under the user context of the user creating it, with that user’s visibility and editing permissions. Intended for casual/entry level developers, developers who want to play around with the API, or developers who want a simple authentication experience scoped to a single user and are less concerned about security.

  • Service Account Keys

    Only admins can create a Service Account Key as it will grant admin access to all of your stored data. Intended to help you integrate your other business systems with our API.


Creating a Personal Access Token or Service Account Key

Keap

  • You can find the option for “API Settings” inside the Settings menu of your Keap app:

  • From the API Settings screen, you can find a list of your currently authorized keys as well as generate new keys.

  • You can click the blue button to add a new key. You will be prompted to add a unique name for this key, to help with identifying it in the future.

  • You will now find a record of the key listed on the API Settings page, including who created it (if a Service Account Key), when it was created, when it was last used, and a truncated portion of the key to help with identification.

Keap Classic

  • You can find the option for “API Settings” inside the Profile menu of your Keap Classic app:

  • Once there, you can click the blue button to add a new key.

  • You will be prompted to add a unique name for this key to help with identifying it in the future.

  • Once you have authorized the key you will be shown the full token. You must save the token at this time, as it will not be shown again in full for security purposes.

  • You will now find a record of the key listed on the API Settings page, including who created it (if a Service Account Key), when it was created, when it was last used, and a truncated portion of the key to help with identification.

  • In the future if you are no longer actively using a key we recommend that you remove it by clicking the icon on the same row to prevent unauthorized usage. You will be prompted to confirm, and if you do so the key will be removed. It may take several minutes for this deletion to propagate through our gateway.


Using your new Personal Access Token or Service Account Key

Now you can then use this key to make any normal API call necessary against any Keap API:

URI:
  https://api.infusionsoft.com/crm/rest/v1
  https://api.infusionsoft.com/crm/rest/v2
  https://api.infusionsoft.com/crm/xmlrpc
Headers:
  "Authorization": "Bearer ProvideYourKeyHere"

Be sure to treat your API Key as a protected secret, never committing it to source code repositories or deploying it alongside your application code. It is effectively a “password” for your own personal authorization to access data on your behalf.

Quotas and Throttles:

  • 10 Queries per Second
  • 240 Queries per Minute
  • 30000 Queries per Day


Further Assistance

For more details on how to make requests against the Keap API, please see our REST API documentation or walk through some sample calls using Postman.

If you have any questions, our Developer Community is here to help!