API key permissions

What are API key permissions?

API key permissions define which features and data an API key can use. By default, if no permissions are set, the key is assigned the All permission. This gives the key full access to available functionality, but it can never exceed the role of the user who owns it.

👉 Learn more about Teams roles.

Permission types

Default permissions

If no permissions are explicitly selected, the key will be assigned the All permission by default.

All permission

If the key has All permission:

• Grants access to all available API functionality.
• Works across all teams where the user is a member.
• The key always respects the user’s role. It cannot grant more access than the role itself.

Agent-specific permissions

If the key is restricted to specific agents:

• Restricts the key to actions for selected agents only.
• It can only perform actions for those agents, such as creating conversations, adding sources, or accessing analytics.
• When listing agents, only the agents the key has permission for will appear.
• Team-level actions like managing users or creating new agents are not available.

🚧

Note:

Permissions can be updated or changed at any time.

How to add permissions when creating a new API key

1. In the left sidebar, click Developers.

2. Click Create API Key.

3. Select the permissions you want.

4. Click Create API Key to generate the new API key.

How to edit permissions on an existing key

1. In the left sidebar, click Developers.

2. Select the API key you want to update.

3. Adjust the permissions.

4. Click Edit API Key to apply the changes.