Back to Home

Documentation

Everything you need to know to get the most out of DiscountFlow. Find guides, tutorials, and API references.

Quick Start
API References
FAQs

Documentation

Quick Start
/
API Integration
/
Manage API keys

Manage API keys

Generate or revoke the API key used to authenticate requests to the DiscountFlow API.

Last updated: Jul 3, 2026

The API tab is where you manage the API key used to authenticate requests to the DiscountFlow GraphQL API. This tab is only available to the organization owner.

Who can access this tab

The API tab is visible only to the organization owner. Other team members, including admins, cannot see or access this tab.

API key status

The tab shows two pieces of information about your current key:

FieldDescription
StatusActive if a key exists, No API key generated if none has been created
Last UsedHow long ago the key was last used to make an authenticated API request

Generating an API key

If no key exists, click Generate API Key.

The key is displayed once immediately after generation. Copy it and store it securely — in a password manager or secrets vault — before navigating away. It will not be shown again.

Generating a new key immediately invalidates the previous key. Any integrations or applications using the old key will stop working until updated with the new key.

Revoking an API key

If a key exists, click Revoke API Key. Confirm the action when prompted.

The key is permanently deleted. Any API requests authenticated with the revoked key will immediately return an authentication error. There is no undo — if you need API access again, generate a new key.

Security best practices

  • Store the API key in a secrets manager, not in plain text files or environment variable files committed to version control.
  • Rotate the key periodically or immediately if you suspect it has been exposed.
  • Only give the key to applications and integrations that genuinely require API access.

For more details about our API, see API References