What would you like to know?
In the API 2.0 integration, RD Station Marketing works with the OAuth protocol during the process of authenticating and authorizing user account information.
Now, in addition to OAuth authentication, RD Station Marketing also supports authentication via API Keys.
APIs 1.2 and 1.3 are simple authentication models compared to OAuth. However, with API 2.0, in addition to new resources, you can also use API Keys.
API Keys are not as secure as authentication via OAuth, but they help identify the application or project that is calling an API more simply.
Form integrations, for example, feature the capabilities of APIs 1.2 and 1.3, and by using API Keys, you will have complete control over the creation, activation, and deactivation of tokens.
- Conversion form integrations.
- Internal systems that send conversions to RD Station Marketing.
- Access the RD Station Marketing App Store.
- Log in to the management page and click Generate Key.
- In the top-right menu, click Generate API Key.
- The system will automatically display the Key created in the listing.
- Choose a name for the Key. This will help you when it comes to managing and locating the Keys.
- Choose whether the Key you create will be enabled or disabled by clicking the Status button.
- Copy the Key code and paste it in the script of the form that will be used to integrate conversions with RD Station Marketing.
- The API Key only supports conversion events.
- You can create up to 5 Keys.
- It is not possible to delete Keys, they can only be enabled or disabled.
- Implementation of the OAuth protocol is not required for the use of API Keys.
- The RD Station Marketing user must have either Manager or Owner access profile in order to access the API Key management screen.
API Keys grant full access to your RD Station Marketing account and you must protect them in the same way you would with a password. There are some common scenarios that should be taken into account when working with API Keys. See each of them below:
- Each integration must have its own API Key
Name each Key correctly, so you know which one works with each application. If a specific API Key is compromised, you can disable it without disabling access to other integrations.
- Do not expose your Keys to the public
Make sure that your Keys are not exposed in screenshots, videos, or help documentation. It is worth remembering that blurring the data in an image is not always enough. It is best to crop part of the image by completely removing the data.
- Key Sharing
If you need to share a Key, we recommend that you generate a new Key and label it accordingly so that you can disable it if necessary. Never email the API Key, because if hackers gain access to the email account, they will be able to send conversions to the RD Station Marketing account.
- Accessing the Key list
Access to the Key list is determined by the role of the user who generated the API Key. To learn more about each user's permissions and profile, access your settings.