Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

TLDCRM Has Robust Ingress and Egress API Endpoints that can be used with a variety of third party automation platforms and reporting tools such as Microsoft BI and other Data lake platforms such as Snowflake.

...

Go to Settings → API to create an API key. You must have Superadmin Privileges or the Manage APIs Ability to see this section.

Click the Green + Icon to create an API.

For most general use cases you will be using a v1 API type until our V2 API is complete.

Securing your API

Excerpt
hiddentrue
nameProtecting your API

IP Protection

Make sure when testing to use IP Protection as by default all API’s are Available when you create an API Key.

Info

IP Address Protection allows you to take a CSV List of IP Addresses that are allowed to use the API. Otherwise it is open to anyone with the ID and Key.

Endpoint Protection

You can further protect your API Key by setting Endpoint Permissions. Once you set an Endpoint Permission it locks your API to only be able to access that specific URL or URL Pattern.

Info

Endpoint Protections allow you to limit this API to specific Endpoints, the full domain should not be included in the url. For example /api/egress/leads will allow for access to only that endpoint. You can however use * as well to denote a larger amount of endpoints. If you want someone to only access egress and not ingress, then you can place /api/egress/* or for example of you want someone to only access documentation you can set it to /api/egress/*/docs*. You can give access to all of TLDialer egress by using /api/egress/tldialer/* You can use multiple rules at once, as long as one applies it will let them through. By default no restrictions set will allow all endpoints for this API type.

Using API ID and API Key

The API Key and ID can be passed via almost any GET, POST, PUT, or DELETE as parameters but the preferred and most secure method is via headers using tld-api-id: {api_id} and tld-api-key: {api_key}

You can also send a pair of api and apikey, or api_id` and api_key as alternatives if your third party system has some sort of limitation.

...