API keys
Info
Direct link: konfipay (DE) | konfipay (CH)
Navigation path: Client management > API > API key
Quick navigation: API Schlüssel
User groups: Admin, Full access, Management
Required permissions: API Show keys/Add and remove keys
General information
This page provides an overview over the API keys of a client. An API key is used for authentication when accessing the konfipay API using an external application. The API endpoints are not publicly accessible and require successful authentication to use them. Further details on authentication via API key are available in the API documentation.
API keys must not be saved in publicly accessible places and must not be shared with anyone. Anyone who has access to an API key can access the corresponding client via the API and potentially send unauthorized payments!
Key overview
In the key overview, a key can be displayed via the eye symbol, or be copied to the clipboard. A key can be deactivated if necessary and reactivated later - as long as it is deactivated, it cannot be used for API access.
Regenerate or delete key
The key can also be regenerated or deleted completely. Please note that changing, deleting or deactivating an API key will result in all client applications using this key no longer being able to authenticate themselves to konfipay. The new key must then also be added again in the external application.

Key overview with option to display or copy (1) and further options (2)
Add key
Using Add
, a new API key can be generated. First, this requires a title, e.g. with the name of the application for which the key is to be used.
Authorizations of the key
The Authorizations of the key can also be specified, i.e. which API functions can be accessed with the key. For example, if an application is to be used only to retrieve account transactions, it may make sense for security reasons to allow the key only for banking documents.

API key creation options