This section is brand new with the Everflow v3.1.0 Feature Release. In order to gain access to this section of the platform, you must have "Security" added to your approved permissions for your Role. (An admin can approve permissions for Roles.)

For more information about Roles and adding Permissions - [Click Here]

Table of Contents


This section of the platform is dedicated to securely managing API keys, and their associated permissions.

Navigate to Control Center - Security. You will land on the API Keys tab, where you'll see the list of API keys associated with your internal team.

Each existing API Key will automatically be named similar to: Legacy API Key (Employee Name), and the number of (or all) associated permissions will be displayed.

Creating A New API Key

  1. Click the [+ API Key] button.

  2. Give the API Key a name, associate an employee, and select which permissions the employee can access via API.

  3. Upon clicking Create API Key, you will be shown the API Key one time, so be sure to copy it now.

    **For security purposes, API keys are now stored in a hashed format, which means they are never accessible again after this initial display. (API keys also cannot be accessed by Everflow staff.)

Revoking An API Key

Click the vertical dots on the end of any row, and select Revoke.

Please Note: Once an API Key is revoked, it cannot ever be re-enabled.

You can filter the display of API Keys to show those that have been revoked:

API Whitelists

A common strategy for mitigating fraudulent or other unwelcome activity on your offers is by limiting the API addresses you'll accept calls from. API Whitelists allow you to block API calls from unknown IP addresses, and only allow calls from those IPs that you specify.

To add or edit an API Whitelist, navigate to Control Center - Security, then click on the API Whitelist tab. Click Edit.

If you do not have any entries in your API Whitelist, then API calls from all IP addresses are accepted.

If you have one or more entries, then only calls from those IP addresses are accepted.


We've assembled a superstar team of industry veterans that are available around the clock to make sure that your issues are resolved and questions are answered. You can reach out any time in-platform via Chat or by emailing

Did this answer your question?