Authentication
API Authentication
Secure your CRM API integration with industry-standard authentication methods.
Overview
The CRM API supports multiple authentication methods. Choose the method that best fits your security requirements.
API Keys
Simple key-based authentication for server-to-server calls
OAuth 2.0
Token-based auth for user-delegated access
JWT Tokens
Stateless authentication with expiring tokens
API Key Authentication
Request Header
curl -X GET "https://api.synaptis.com/crm/v1/contacts" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json"Security Best Practices
- Never expose API keys in client-side code
- Rotate keys regularly (recommended: every 90 days)
- Use environment variables to store keys
Permission Scopes
| Scope | Description |
|---|---|
contacts:read | Read contact and company data |
contacts:write | Create and update contacts |
deals:read | View deals and pipeline data |
deals:write | Create and manage deals |
activities:manage | Full access to activities and tasks |