Integrations & API

Managing your API keys and subscription

3 min read

Proper management of your API keys is crucial to maintaining the security of your account and your clients' financial data. WeFile provides a dedicated interface for managing your developer access.

Creating Keys

Navigate to the '/api-access' dashboard. From here, you can generate a new API key. We highly recommend giving each key a descriptive name (e.g., 'Production Server', 'Testing Environment') to help you track their usage.

Security Best Practices

When a key is generated, it will be displayed to you only once. Copy it immediately and store it in a secure environment variable or secrets manager. WeFile stores only a cryptographic hash of the key, meaning we cannot recover it for you if lost.

Rotating and Revoking

If you suspect an API key has been compromised, or if you are conducting routine security maintenance, you should revoke the key immediately from the API dashboard. This instantly invalidates the key. You can then generate a fresh key to replace it.

Monitoring Usage

The API dashboard also provides visibility into your subscription limits. You can monitor how many of your 300 included filings you have consumed during your billing year, and manage the renewal of your £500/year API subscription.