Authentication Guide
Before we dive into API keys, you'll need access to the DeePsy dashboard at deepsy.fr/dashboard. We don't have open registration right now. New users need to get approval from our administrators first.
If you don't have an account yet, just reach out to us at deepsy.fr/contact and we'll created one for you. Once you're in the dashboard, come back here and we'll walk through creating your API key.
Creating Your API Key
Assuming you've got dashboard access, let's create an API key. Head over to the developer section in your user settings deepsy.fr/user/developer
You'll see a Create button there. Click it and you'll be able to pick which companies you want your API key to work with.
Example below :
If you're not an administrator of the company you selected, someone with admin permissions needs to give your API key the proper authorization and select it's permissions. They'll need to go to Company Settings → API (deepsy.fr/dashboard/company/settings/api) and authorize your key.
Example below :
What You Should Know About Your API Key
Your API key will be generated with the prefix deepsy-dev-.
The complete API key is displayed only once during creation for security purposes, ensure you copy and store it securely before leaving the creation page.
If you lose your API key, you can regenerate it through the developer settings. Regeneration preserves your existing permissions and company associations while issuing a new key and invalidating the old one.
- Permission Structure
API key permissions operate independently from your user account permissions. Company administrators can manage API key permissions within their organization but cannot view the actual key value for security reasons.
- Company Access Management
When you remove a company from your API key configuration and later re-add it, you must complete the authorization process again, even if the key was previously authorized for that company. This security measure ensures proper access control.
- Key Usage
API key usage is logged for security and auditing purposes. Altough the key itself is not logged, any activity performed using the API key will be recorded, anything created, deleted, updated with the key will be considered as performed by the API Key's creator.
For example if you send an e-mail by using an API key, the email log will be associated with the API key's creator and not the API Key itself. The main reason behind this choice is purely for technical reasons. If you'd like to disassociated an action of a user from it's created API keys, we suggest you created a fake user and use it's API key instead.
- Using Your API Key
Include your API key in the Authorization header of your HTTP requests:
Authorization: Bearer deepsy-dev-your-api-key-here
Support
For technical assistance or questions regarding API authentication, contact dev team at dev@deepsy.fr or our support team at deepsy.fr/contact.