These keys are used to authenticate incoming requests to the Tātou RESTful API. Every request must have a valid API key (also referred to as a token) to be accepted.
Creating an API key (token)
-
Open Tātou Office and use the top menu ⚙️ → Integrations → RESTful API
-
You will see a list of any existing keys, and when they were last used.
-
Create a new key with Generate new token button.
-
Copy the generated key. You will not be able to retrieve this later, so make sure you save this somewhere safe.
Staying secure
-
Protect your API keys even more than you would a password. Any person or software with access to one of your API keys will have administrator-level access to your entire Organisation.
-
We monitor unusual behaviour, but it is your responsibility to protect your login credentials. This includes your usernames, passwords, multi-factor login devices and API keys.
-
If you feel that an API key has been compromised, you can delete these tokens at any time to immediately invalidate them.