Create API credentials

Everything you need to know about creating your API credentials.

Updated over a week ago

You can now manage your API credentials under Settings>Integrations>API access management.

API credentials allow developers to connect to your Spendesk entity, retrieve and edit information in it according to the permissions you grant.

In order to create a new API client ID and client secret (think of it as login and password) follow these steps:

  • Click on the Create new key button.

  • Enter a name and a description for this API access. It's important to mention the purpose these credentials will serve so that anyone can easily identify them later (think about someone new coming in and trying to understand the purpose of each API access).

  • Choose an expiration date. The expiration date cannot be later than one year from today. But if you are sharing these credentials with an external development team, make it as short as practically possible. If unsure, always start with shorter validity periods (e.g. one month) - you can always create new API credentials, with the same validity period or longer, based on the new level of trust you have.
    It is not possible to extend the validity of existing API credentials - new ones need to be created.

  • Select permissions you want to grant to this set of credentials. Our growing list of API features currently includes the following:

    • Retrieve payables

    • Retrieve payable attachments

    • Retrieve settlements

    • Retrieve bank fees

    • Retrieve wallet loads

    • Retrieve wallet summary

    • Retrieve users (members) of the company

    • Retrieve suppliers

    • Retrieve analytical fields and values

    • Retrieve cost centers

    • Retrieve expense categories

  • Check the box to acknowledge that the new API credentials will provide access to the features and data selected above.

Once you click on Create API key you will see a modal with a client ID and client secret.

🔥 Store them in a secure password vault and never share them via messaging/email. 🔥

This is the only moment you will ever see the client secret in clear text - it is not possible to retrieve it again.

If you lose the 'client secret', you will need to generate a new set of credentials.

Did this answer your question?