注册
注册
Z1
创意设计与建站
图片与视频邮件弹窗与表单AI 建站落地页即将推出
Mogiu达人与联盟营销
全部产品
店铺搭建达人营销付费广告全部服务
价格
联系我们

集成与开发者

/

4 min read

Developer settings and API access

Create API keys and manage webhooks on the Developer page to build custom integrations with Zalify — and keep your credentials secure.

API keys and webhooks live on the Developer page in your workspace settings. This is where developers create credentials for custom integrations with Zalify.

Note: The Zalify API is evolving. Capabilities described here are intentionally general — for the current API reference, contact support@zalify.com.

What's on the Developer page

The Developer page has two areas:

  • API keys — credentials that let your own code call the Zalify API on behalf of your workspace.
  • Webhooks — endpoints on your servers that Zalify can notify when certain events happen.

What API keys are for

An API key identifies and authorizes your code when it talks to Zalify programmatically — for example, a custom script or an internal tool that reads or writes workspace data.

If your goal is covered by a built-in feature, prefer that over the API: pre-built integrations are listed in the integrations overview, on-site tracking comes from the Zalify pixel, and email flows are built in automations — no code required.

Creating an API key

  1. Open the Developer page.
  2. Create a new API key.
  3. Copy the key immediately and store it in a secure location such as a secrets manager.

Keeping your keys secure

An API key grants access to your workspace's data, so treat it like a password:

  • Keep it secret. Never commit keys to source control, embed them in client-side code (websites or mobile apps), or share them in chat, email, or screenshots.
  • Store it server-side. Load keys from environment variables or a secrets manager; only your servers should ever see them.
  • Rotate regularly. Create a new key, switch your code over, then delete the old one. Do this on a schedule and immediately whenever a key may have been exposed or a team member with access leaves.
  • Delete unused keys. Every active key is a standing credential; remove ones you no longer need.
  • Use one key per system. Give each integration its own key so you can rotate or revoke one without breaking the others.

If you believe a key has leaked, delete it on the Developer page right away and issue a replacement.

About webhooks

Webhooks let Zalify call your servers when events occur, instead of your code polling for changes. The set of available webhook events is currently being reworked — several event categories are moving into Reach's native automation and activity features, which cover most notification use cases without custom code.

Before building on webhooks, check whether a built-in feature already does what you need:

Who can access the Developer page

API keys carry workspace-level access, so managing them is typically limited to higher-permission roles. See Inviting team members and roles.

上一篇

Integrations overview