This operation requires the presence of an administrator from your Office 365 tenant.
API keys allow you to securely connect third-party applications or systems to Letsignit without going through the user interface.
1 - Creating an API Key
First, go to the “API” page, accessible from the “Settings” menu:
Click on “Create an API Key”:
Give your key a name.
Select the relevant scope:
SCIM (for automatic provisioning from Entra ID) – [more details here]
On Premise
Public APIs
Click on “Create”
Make sure to copy the secret key displayed. It will not be available again once the window is closed.
1.1 SCIM API Keys – Specifics
If you select the SCIM scope when creating a key, you can choose whether or not to enable SCIM custom attributes.
This option can also be modified later from the API key list, in the key settings:
If you create multiple API keys with the SCIM scope, the activation/deactivation of SCIM custom attributes will apply globally to all of them.
1.2 On Premise API Keys – Specifics
If you select the On Premise scope, you’ll be able to:
Allow your script to retrieve Letsignit signatures
Allow your script to send AD information to Letsignit
These options can also be modified later from the API key list, in the key settings:
2 - Revoking an API Key
For security reasons (compromised key, restricted access, unauthorized user, etc.), you can revoke an API key at any time.
🔐 What does this mean?
Revoking an API key means permanently deactivating it.
Once revoked:
The key can no longer be used to authenticate requests.
Any request using the key will return an authorization error (typically 401 or 403).
🛠️ How to revoke a key?
On the API page, click on the three dots in the “Actions” column next to the API key you want to revoke:
Click on “Revoke”
Confirm by clicking on “Revoke permanently”
3 - API Key Expiration
Each API key you create is valid for 1 year from the date of creation.
📬 Expiration notification
To avoid service disruption:
The global tenant admin will receive an email notification 1 month before the key expires.
Make sure to generate a new key in time and update your integrations.
🚫 What happens after expiration?
An expired key becomes unusable: any request made with it will be rejected.
In the API key list, the key is marked as “Expired” (red status dot).
An information message will notify you that the key will be automatically deleted 3 months after its expiration date.