Skip to content

API Keys

API keys allow external applications to interact with your Voxum account programmatically. Use them to connect inventory systems, integrate with other software, or build custom solutions.

What Are API Keys?

An API key is like a password that lets other software access your Voxum data securely. Each key:

  • Is unique to your account
  • Can be revoked if compromised
  • Tracks when it was last used
  • Has limited permissions

When You Need API Keys

You might need an API key for:

  • Inventory integration - Automated inventory updates
  • CRM connection - Syncing lead data
  • Custom applications - Building on Voxum's API
  • Third-party tools - Connecting other business software

Note

If you're only using the admin panel to manage your chatbot, you don't need API keys.

Accessing API Keys

  1. Click API Keys in the left menu
  2. You'll see a list of your existing keys
  3. Options to create new keys or revoke existing ones

API Keys page

Creating an API Key

Step 1: Click Create

Click the Create API Key button.

Step 2: Name Your Key

Give the key a descriptive name that indicates its purpose:

  • ✅ "Inventory Integration"
  • ✅ "CRM Sync"
  • ✅ "Developer Testing"
  • ❌ "Key 1"
  • ❌ "Test"

Step 3: Copy the Key

Important: The full key is only shown once!

  1. Copy the key immediately
  2. Store it securely (password manager, secure note)
  3. Never share it publicly

API Key created

Save Your Key

If you lose the key, you'll need to create a new one. The full key cannot be retrieved after you leave this page.

Managing API Keys

Viewing Keys

Your key list shows:

  • Name - The label you gave the key
  • Key preview - First few characters (masked)
  • Created - When the key was made
  • Last used - When it was last used (helpful for auditing)
  • Status - Active or revoked

Revoking a Key

If a key is compromised or no longer needed:

  1. Find the key in your list
  2. Click Revoke
  3. Confirm the action

Revoked keys immediately stop working. Any systems using that key will no longer be able to connect.

Tip

Revoke rather than delete keys you're not using. This keeps a record of what keys existed.

Security Best Practices

Keep Keys Secret

  • Never share keys in emails
  • Don't commit keys to code repositories
  • Don't include keys in client-side code

Use Descriptive Names

Name keys by their purpose so you know what to revoke if there's an issue.

Rotate Keys Periodically

For high-security environments, create new keys periodically and revoke old ones.

Monitor Usage

Check the "Last used" date to identify keys that aren't being used or unusual activity.

Limit Access

Only create keys when necessary. Fewer keys = less risk.

Using API Keys

When making API requests, include your key in the header:

X-API-Key: your-api-key-here

Example:

curl -H "X-API-Key: vx_abc123..." \
     https://app.voxum.ai/api/endpoint

For Developers

Refer to the API documentation for specific endpoints and request formats.

Troubleshooting

"Unauthorized" error

  • Verify the key is correct (no extra spaces)
  • Check the key hasn't been revoked
  • Ensure the header name is exactly X-API-Key

Key not working

  • Make sure you copied the complete key
  • Check if the key has been revoked
  • Verify you're using the correct endpoint

Lost a key

  • You cannot retrieve a lost key
  • Create a new key with the same purpose
  • Update your systems with the new key
  • Revoke the old key

Next Steps