Create a New API Key
How do I create a new API key?
Purpose: To teach you how to create a new application programming interface (API) key to start you on the process of setting up integrations in BambooHR.
Generate an API key
Click on your profile picture in the bottom left corner of your account and select API Keys (depending on your account setup, this option may show as "My Device & API Keys" instead).
Click +Add New Key.
The access allowed by each API key is based on the access level of the user who generated it. Read more details below on setting up a custom access level for integrations.
Generate your API key
Name the API key to help you identify and disable it when necessary. Click Generate Key. From here, the API key will be generated.
Copy an API key
You can have multiple API keys associated with a user at the same time. An API key will only appear during the process of creation. If you do not copy or have misplaced the key, you will need to create a new key.
Please note that BambooHR cannot retrieve the key because it is encrypted within our system for security purposes.
Start this process by creating a custom access level that only includes access to the fields needed for the integration. A created API key will have the same amount of access as the user who created it. When first setting up the custom access level, the API key will not have access to information more than necessary.
Set up a non-employee user
Go to the specific custom access level and select Add a Non-Employee User from the action menu. You can then enter the first name, last name, and email address of the user. Once you create the user, you can assign them to the custom access level.
If necessary, you can create an email alias for the integration to connect to your original email address. For example, your regular email address is [email protected], and you want to create a non-employee user with the same address, you can use an email alias such as [email protected].
Create the API key
Log in as the non-employee user and create an API key for the integration (as explained above). In this way, the API key will only have the same access capabilities as the non-employee user you have created.