API Key Connections
Many services authenticate via API keys — a secret token you generate in the service's developer settings and paste into FlowStack.
Setting Up an API Key Connection
- Go to the external service's dashboard
- Navigate to Settings → API Keys (or Developer Settings, API Tokens, etc.)
- Generate a new API key with the required permissions
- Copy the key
- In FlowStack, create a new connection for the service
- Paste the API key into the form
- Click Save
Common API Key Services
| Service | Where to Get the Key |
|---|---|
| OpenAI | platform.openai.com/api-keys |
| Stripe | Dashboard → Developers → API Keys |
| SendGrid | Settings → API Keys → Create API Key |
| Twilio | Console → Account SID + Auth Token |
| Mailchimp | Account → Extras → API Keys |
| Airtable | Account → Developer Hub → Personal Access Token |
| Notion | Settings → Connections → Develop or manage integrations |
| Linear | Settings → API → Personal API Keys |
API Key Security
- Keys are encrypted at rest (AES-256) immediately upon submission
- Keys are never displayed in the UI after saving — only the last 4 characters are shown
- Keys are transmitted only over TLS 1.3 encrypted connections
- Keys are scoped to your project and cannot be accessed by other projects
Best Practices
- Use dedicated keys — Create a separate API key for FlowStack rather than reusing personal keys
- Limit permissions — Grant only the permissions your automations need
- Rotate regularly — Replace keys periodically (every 90 days is a good baseline)
- Monitor usage — Check the service's API dashboard for unexpected usage spikes
- Name your keys — Use descriptive names like "FlowStack Production" in the service's dashboard