API Keys
Create and manage API keys to integrate your systems with Rebased.
Creating an API Key
- Go to Settings → Integrations in your Rebased account
- Click Create API Key
- Enter a name and optional description
- Select the scopes your integration needs
- Optionally set an expiry date
- Click Create
Your API key secret will be displayed once. Copy it immediately and store it securely.
Key Properties
| Property | Description |
|---|---|
| Name | A friendly name to identify the key |
| Description | Optional notes about what the key is used for |
| Scopes | Which API endpoints the key can access |
| Expiry | Optional expiration date |
| Status | Active, Revoked, or Expired |
| Last Used | When the key was last used |
| Request Count | Number of requests this billing period |
Managing Keys
Viewing Keys
Go to Settings → Integrations to see all your API keys. You can see:
- Key name and description
- Scopes assigned
- Last used timestamp
- Request count this period
- Status (Active/Revoked/Expired)
Revoking a Key
If a key is compromised or no longer needed:
- Find the key in Settings → Integrations
- Click the Revoke button
- Confirm the action
Revoked keys cannot be restored. Create a new key if needed.
Rotating a Key
To rotate a key (generate a new secret while keeping the same settings):
- Find the key in Settings → Integrations
- Click Rotate
- Copy the new secret immediately
- Update your integration with the new key
The old key is immediately invalidated.
Best Practices
- Create separate keys for each integration or environment
- Use descriptive names like “Inventory Sync - Production”
- Set expiry dates for temporary integrations
- Review unused keys periodically and revoke them
- Monitor usage in the usage dashboard
Who Can Manage Keys
API keys can be created and managed by:
- Business Admins — Full access to all integrations
- Advisors — Can manage integrations for client businesses they have access to
Team members with other roles cannot create or view API keys.
Last updated on