Guides
Select productHelp centreLog in
Start typing to search…

Set up an API user


❗️

Protect your API credentials

API credentials must be treated as sensitive data, and never be distributed to your customers, or anyone else who does not have legitimate cause to require them. For example, do not embed them on a website, or in a mobile application. If you do, someone malicious could use those credentials to access, edit, or delete your customer data, or send spam or other harmful content which appears to come from your organisation.

Data breaches as a result of such an action could incur large financial penalties. We have some guidance around data legislation for different parts of the world in our Help Centre here, but you must also seek your own legal counsel to ensure you have adequate data protection processes in place.

To get started using our API, you need to create an API user. These API user credentials (username and password) are required to authenticate each operation/method call you make and to make sure you are connected to the correct account.

When creating API users, it's best practice to create one user per system and not share an API user for different integrations or platforms. This makes it easier to revoke individual API users should you need to, as well as isolate and diagnose problems.

📘

Loyalty API and API call rate limits

The Dotdigital Loyalty API is currently unlimited and does not affect your Dotdigital account call rates.

To create an API user:

  1. Log in to Dotdigital with your normal login credentials. To create an API user, you must be an account owner, or a managed user with the Can manage account permission enabled.

  2. Expand the User menu in the bottom left and go to Settings > Access > API users.

  3. Select NEW USER.

  4. The username (email address) is automatically generated for you and must not be edited. You can add a description to differentiate between API users, which is useful if you have more than one.

    Enter a password and confirm it. Your password must be at least eight characters in length and contain at least one digit or non-alphanumeric character. Avoid including your email address or company name as part of your password.

  5. For Rate limiting, select TIERED.

  6. For Status, select Enabled.

  7. Select SAVE.

Updated 25 days ago