SOLVED

Unique API user for each custom service?

Go to solution
Highlighted
Anonymous
Not applicable

Unique API user for each custom service?

Setting up integrations with Zapier and Wistia. In the documentation, one is required to create an API user. However, can the same API user be used for all custom services?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Level 10 - Community Moderator

Re: Unique API user for each custom service?

Technically, there is no prohibition against sharing one user.  However, it's an extremely bad idea for practical reasons:

  • If you need to account for API calls made by a given app (which you should, given the possibility of overrunning your daily limit) you need to have separate accounts.
  • When you need to revoke access for a given client (which you must, whenever you terminate a contract) you must ensure this doesn't break your other integrations.
  • When you want to tune permissions for the tightest possible security, you need different accounts.

View solution in original post

1 REPLY 1
Highlighted
Level 10 - Community Moderator

Re: Unique API user for each custom service?

Technically, there is no prohibition against sharing one user.  However, it's an extremely bad idea for practical reasons:

  • If you need to account for API calls made by a given app (which you should, given the possibility of overrunning your daily limit) you need to have separate accounts.
  • When you need to revoke access for a given client (which you must, whenever you terminate a contract) you must ensure this doesn't break your other integrations.
  • When you want to tune permissions for the tightest possible security, you need different accounts.

View solution in original post