Skip to main content
To connect your application with StackOne securely, you need to generate API keys. These keys authenticate your application and protect your data.

Step-by-Step Guide to Generating an API Key

1

Access the API Key Management Section

Log in to StackOne and go to the API Keys section in the left navigation menu. This is where you can generate and manage your API keys.
API Keys management page
2

Generate a New API Key

Click the Create API Key button. In the popup dialog, enter a name for your key (e.g., my-agent-key or production-hris-sync). This name is a label and cannot be changed later.
Create API key dialog with scopes
3

Configure API Key Scopes (optional)

By default, API keys are created with full permissions. Expand the Scopes section to restrict access based on your application’s needs.

Available Scopes

ScopeAccess LevelDescription
Platform APIRead / WriteAccess to account management, session tokens, and integration configs. Required for StackOne Connect and account operations.
CredentialsReadRetrieve stored credentials for direct provider access. Required for StackOne CLI and running actions outside the platform.
Unified APIRead / WriteAccess to all unified endpoints (HRIS, ATS, CRM, LMS, etc.) for reading and writing data across connected providers.
ConnectorsRead / WriteAccess to custom connector management. Read (connectors:read) allows downloading connectors from the registry. Write (connectors:write) allows pushing and deleting connectors. Required for Connector Engine operations.
For AI agents, you typically need:
  • Platform API Read: to list connected accounts
  • Connectors Read: to download connectors from the registry
  • Credentials Read: to retrieve stored credentials for direct provider access
4

Copy and Store the API Key

After clicking Generate, the API key is displayed on-screen. Copy it immediately and store it securely. This is the only time it will be shown. If you lose the key, you’ll need to generate a new one.
Store the key in a secure location such as a password manager or secrets vault. Never commit API keys to source control.
5

Manage Your API Keys

Your new API key appears in the API Keys table. From here you can:
  • Enable/Disable keys using the toggle switch
  • View scopes for each key
  • Delete keys that are no longer needed
The Last used column helps you identify stale keys that should be revoked.

Using the generated API Key

Once you’ve generated your API key, it’s essential to know how to use it for authentication. You will need to include the API key for every API call. For basic authentication, you can use the API key in the username or password field when calling any API endpoint, such as the List Accounts endpoint. The use of API keys is tracked, allowing you to monitor their activity and revoke them if necessary. The Last used column on the API keys table indicates the last call made with each key. For security reasons, you are encouraged to regularly review your API keys list and revoke any that are no longer needed.