API Keys

API keys let you talk to Insighto programmatically — export conversations, push contacts in from your own systems, build internal dashboards, or wire up CI. Each key is personal to your user (not shared with the team) and scoped by a role you pick at creation.

What you can do with it

• Programmatic conversation export — A compliance team in a fintech pulls every closed conversation nightly into their archive system for audit. An API key drives a cron-job script that hits the conversations endpoint.
• Internal dashboards — A SaaS company wires Insighto numbers into their internal "voice of customer" Looker board. An API key powers a scheduled job that pulls daily conversation counts per assistant.
• Custom integrations — A real-estate brokerage syncs Insighto contacts into a proprietary CRM. The script reads new contacts every 10 minutes via API key.

Key format

Keys look like:

in-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The in- prefix lets you spot Insighto keys in your code; the 43-character random suffix is the secret.

The UI labels them "API Keys" even though under the hood the model name is API Token — same thing.

Authentication

Pass the key as a query parameter, not a header:

curl "https://api.insighto.ai/api/v1/contact?api_key=in-XXXX..."

Note: Insighto's API uses ?api_key=..., not Authorization: Bearer .... Bearer headers won't work.

Create a key

1. Open Settings → API Keys → Create key.
2. Fill in (all three required):
   • Name — a label for you to recognize this key later (e.g. "Nightly export script").
   • Key role — what this key can do (read-only, full access, etc. — picked from the dropdown).
   • Description — what the key is for.
3. Click Create.

Copy the key immediately. It's shown once. After you close the modal, only the prefix is visible — you cannot retrieve the full key later. If you lose it, delete the key and create a new one.

Manage keys

The list view shows every key on your user with its name, role, description, created date, and last-used time. From here you can:

• Revoke — disable instantly. Any request with that key starts returning 401.
• Delete — remove the row entirely.

There's no edit. To change a key's role or description, delete it and make a new one.

Where to next

• Webhooks reference — receive events from Insighto.
• Usage — see what your API traffic is doing to your plan.
• Conversations — the most-pulled resource over the API.