Back to Documentation

Utilizing the API

Integrate AgencyAccess with your systems using the REST API. Create clients, create access requests, and automate onboarding.

This guide explains how to create clients and access requests from another system using the AgencyAccess API.

Overview

Use the API to:

API documentation page overview
API documentation overview
  • Create clients.
  • Create access requests for clients.
  • Retrieve and update access requests.
  • Retrieve and update clients.
  • Build automated onboarding workflows.

API Authentication

Go to Dashboard -> API -> Authentication.

API authentication page with capability selection
API authentication and key capabilities

Generating an API Key

  1. Open Authentication.
  2. Select only the capabilities your integration needs.
  3. Click Generate API Key.
  4. Copy the key immediately.
  5. Store it in a secure environment variable or secrets manager.

API keys are shown once. If you lose one, generate a new key and update your integration.

API key generation with capability selection
Generate a new API key

Using Your API Key

Send the key in the X-Auth header:

X-Auth: your-api-key

Example:

curl -X POST https://api.agencyaccess.co/api/links/create \
  -H "X-Auth: your-api-key" \
  -H "Content-Type: application/json" \
  -d '{"clientID":"client-id","requestedServices":{}}'

API Capabilities

Choose the smallest set of capabilities your integration needs. Capabilities cover creating, retrieving, editing, and deleting access requests and client records.

Base URL

https://api.agencyaccess.co

Managing Access Requests

Use the API documentation in the dashboard for canonical request examples and field references.

Create an Access Request

POST /api/links/create

Required fields:

  • clientID
  • requestedServices

Common optional fields:

  • intakeForm
  • sendEmail
  • thankYouMessage
  • redirectURL

The response includes the created request data and inviteUrl.

Update an Access Request

POST /api/links/update

Use this when you need to change requested services on an existing request.

Retrieve an Access Request

Use the retrieve endpoint shown in the dashboard API docs to inspect requested services, grant status, intake form status, redirect behavior, and source access page information when applicable.

Managing Clients

Use client endpoints to create, list, edit, and delete client records from another system.

Requested Services Builder

The requested-services payload is the easiest part to get wrong manually.

  1. Open the API documentation in the dashboard.
  2. Use the builder to select platforms, services, access levels, and connected agency accounts.
  3. Copy the generated JSON.
  4. Use it in your integration.

Error Handling

API responses use this shape:

{
  "error": true,
  "msg": "Error message"
}

Always check error before assuming a request succeeded.

Common causes:

  • Missing or invalid API key.
  • Key does not have the required capability.
  • Client does not exist.
  • Requested service is invalid.
  • Connected agency account is missing or expired.
  • Intake form is requested but not enabled.

Security

  • Never commit API keys.
  • Rotate keys when people leave or systems change.
  • Give each integration its own key where possible.
  • Use only the capabilities required.

Next Steps

Related Articles

Managing Clients and Sending Invites

Create clients, send client invites, track access request status, send reminders, and review client history.

Setting Up Intake Forms

Create intake forms that collect structured client details during invites and access page submissions.