Introduction
API keys let external tools and scripts authenticate with Level's API. You can create multiple keys, scope each one to read-only or read-write access, and revoke any key independently without affecting the others.
Typical uses: connecting custom scripts, pulling device data into external dashboards, or building integrations that aren't covered by Level's built-in connectors.
Creating an API Key
Navigate to Settings β API keys, then click + Create API key in the top right.
The Create API key modal opens.
Enter a Description β something specific enough that you'll know what this key is for months from now. "Inventory sync" or "ConnectWise custom integration" is more useful than "API key 1."
Select an access level:
Read and write β can view data and create, update, or delete records
Read-only β can view data but can't create, update, or delete
Click Create key.
π‘ TIP: Use read-only access for integrations that only need to pull data (reporting tools, external dashboards). Reserve read-and-write for integrations that need to make changes.
Managing Existing Keys
The API keys page lists all keys for your organization. Each row shows:
API key β masked value with the last few characters visible for identification
Description β the label you assigned at creation
Access β Read & write or Read-only
Last used β timestamp of the most recent authenticated request, or
--if never usedCreated β when the key was generated
Click the three-dot menu at the end of any row to:
Copy key β copies the masked key identifier to your clipboard (not the full secret value)
Edit β update the description or change the access level
Delete β permanently revoke the key
Editing a Key
Click Edit from the three-dot menu. The Update API key dialog opens with the current description and access level pre-filled.
βΉοΈ NOTE: Editing a key doesn't change the key value itself. Any integration already using this key continues to work β it picks up the new access level immediately.
Deleting a Key
Click Delete from the three-dot menu. The key is revoked immediately. Any integration or script using that key will start receiving authentication errors on its next request.
β οΈ WARNING: Key deletion is immediate and permanent. Update any integrations using the key before deleting, or expect them to fail.
Searching Keys
Use the Search bar at the top of the list to filter keys by description. Useful if you've accumulated a lot of keys and need to find a specific one.
FAQ
Can I see the full API key value after creation? Yes. Click the three-dot menu on any key and select Copy key to copy the full key value to your clipboard at any time.
How many API keys can I create? Create as many as you need β one per integration is a reasonable practice since it lets you revoke individual integrations without affecting others.
What's the difference between read-only and read-and-write? Read-only keys can retrieve data from the API but can't make any changes. Read-and-write keys can create, update, and delete records. Use the minimum access level that your integration actually needs.
Who can create and manage API keys? Technicians with access to Settings. See Workspace β Permissions for details on role-based access controls.
An integration stopped working after I edited a key. Why? Changing the access level from read-and-write to read-only takes effect immediately. If the integration was relying on write access, it'll start failing on any requests that try to create, update, or delete data. Check the integration's error logs for 403 responses.
Can I tell which integration is using which key? The Description field is the only identifier β Level doesn't log which system made a given API request against a key. Use descriptive names at creation time so you can match keys to integrations later.