API Keys
For most integration projects, you’ll likely want to have an API key assigned to a user. This key allows you to skip the step of creating a session and is passed into calls using the x-acme-api-key header.
WARNING: API keys should be kept secret just as you would a username and password. Anyone who has an API key will be able to access, via API, any area of the system for which the user has permission. |
API keys should ONLY be assigned to username-only users and we recommend creating a clearly-identifiable, integration-specific user for each integration. Examples would include:
api-website-integration
api-data-warehouse
api-crm-integration
Note: Only ACME Clients can request API Keys. System integrators and third-party vendors should reach out to their venue contact to have them request a key.
Requesting an API Key
- Create a username-only user following the naming convention above in your Sandbox and Production Environments.
- Provide any password you want and store it securely for your own reference.
- Add whatever user permissions needed for this API user. Permissions can be be updated after an API key is generated, if needed.
- If you are a new on-boarding client working in Sand1, you may not have access to your Production environment yet. Please create the API user in Sand1 and work with your CSM to create a corresponding Production API user.
- Email api-help with the following information:
- Username:
- Sandbox User ID (found in the URL of the user account):
- Production User ID:
- Specify which sandbox you are testing in:
- If you are working with a 3rd party and would like to create separate user accounts so they can directly access ACME Back Office, please provide the email domain(s). All non-client email domains must be safelisted before you can invite those users to ACME Back Office.
- Once your request has been submitted to api-help@acmeticketing.com, the requested API keys will be generated and emailed directly to the requester.