API keys
Do not store your API keys in publicly accessible places and do not pass them on. Anyone who has access to your API keys can access your accounts via the API and possibly send unauthorized payments!
Here you will find an overview of all API keys for your client. An API key is required to gain access to the konfipay API with a software application, as the API endpoints are not public.
In the overview, you can see at a glance the name of a key, whether it is active, when it was created (column: "Timestamp") and when it was last used for authentication at the API (column: "Last request"). To copy an API key to the clipboard, click on the copy symbol next to the key:
Icon for copying an API key
Add or edit keys
To create a new API key, click in the toolbar on Add at the top left. Assign a name for the key and define the so-called scope by selecting which API endpoints the key may access.
To change the name or scope for an existing key, select the API key in the list and click on Edit.
Acknowledgement per API key
When creating or editing an API key, you have the option of activating the acknowledgement for the corresponding API key individually. Please note that the activation of the individual acknowledgement can not be reversed.
To take advantage of the acknowledgement per API key, it is required that you use a separate API key for each application connected via the API.
Background info
Acknowledgement per API key means that an independent dataset with the status of acknowledgements is kept for the respective key when it is activated. For example, when an account transaction is retrieved via the API, the account transaction is only marked as retrieved for this individual API key. This is useful if you access your client's data via the API using different applications and the data should be complete in each application separately.
You can also activate the acknowledgement per API key for some API keys only if required. In this case, the API keys with general acknowledgement continue to access the general, client-wide acknowledgement status.
Example: You use two API keys to retrieve account transactions via konfipay sync and via your ERP system. If you do not use the acknowledgement per API key, the account transaction is retrieved in konfipay sync, for example, and then acknowledged. In this case, the acknowledgement applies to all applications that retrieve data via the konfipay API. If the ERP system then wants to retrieve all unacknowledged transactions, it will no longer receive any data, as the acknowledgements have already been set by konfipay sync.
To avoid such a scenario, a separate API key can be used in konfipay sync and in the ERP application, for which the acknowledgement per API key has been activated. If konfipay sync now acknowledges a retrieval, this is linked to the API key and only counts for this API key. The ERP system is therefore not affected and can acknowledge the retrieved data independently.
File types with their own acknowledgement status
The acknowledgement status is logged in konfipay for the following file types:
File type | API end point with API documentation link |
|---|---|
Account transactions | |
PayPal transactions | |
Miscellaneous files (e.g. PDF account statements) | |
PaymentProvider data |
Activating the acknowledgement per API key
If you activate the acknowledgement per API key for an API key, you must select the status of the acknowledgements with which you want to activate the option for the key. This status only serves as a starting point. After activation, the status of the acknowledgements for this key is decoupled from the general status. You have the following options:
Current status → the status of the client-wide acknowledgement status is adopted and the retrieval is acknowledged individually for all future data records
All new → all existing data records are marked as "Not retrieved"/"New" for the corresponding API key
All retrieved → all available data records are marked as "Retrieved" for the corresponding API key
All retrieved until → the available data records are marked as "Retrieved" up to the corresponding date for the corresponding API key, and all later available data records are marked as "Not retrieved"/"New"
When the acknowledgement is activated for each API key, the API key is briefly deactivated so that the selected status of the acknowledgements can be applied in the background. You cannot use the API key during this time. The duration varies between a few seconds and several minutes, depending on the size of the database.
Mass change of the acknowledgement status for individual API keys
Within the konfipay user interface, you can only make mass changes to the general, client-wide acknowledgement status for files, but not for individual API keys. For individual API keys, you can only change the acknowledgement status for each file individually. If you need to make a mass change to the acknowledgement status for individual API keys, please contact our support team at support@konfipay.de
Deactivate or delete key
If you no longer need an API key and want to ensure that it can no longer be used for access, you can deactivate or delete the key. Deletion is permanent; a deactivated key can be reactivated and used again at a later time.
To delete or deactivate an API key, select the key in the list and click on Delete or Deactivate.
Regenerate key
You can regenerate an existing API key by selecting the key in the list and clicking on Generate new. As a result, the key must be re-entered in all applications that use it, as the old key then loses its validity.
Regenerating an API key is comparable to changing a password - the new password must then be re-entered on all devices.