API & Developers

API Authentication & Keys

Generate API keys, authenticate with Bearer tokens, and integrate SurveyFill data into your own applications using our REST API.

Generate Your API Key

1

Go to Account Settings

Click your profile avatar in the top-right corner of the dashboard and select Account Settings from the dropdown menu. This takes you to your account management page.

2

Navigate to Developer Settings

In the Account Settings page, click the Developer Settings tab in the left-side navigation panel. This section contains your API keys, webhook configuration, and usage logs.

3

Click "Generate API Key"

Click the Generate API Key button at the top of the Developer Settings page. You can optionally add a label to help you identify the key later (e.g., "Production Server" or "CI/CD Pipeline").

4

Copy and store your key securely

Your new API key is displayed only once. Copy it immediately and store it in a secure location such as a password manager or encrypted environment variable. For security, you will not be able to view the full key again after closing the dialog.

5

Use the key in the Authorization header

Include your API key as a Bearer token in the Authorization header of every API request. All SurveyFill REST endpoints require this header for authentication.

Authentication

SurveyFill uses Bearer token authentication. Include your API key in the Authorization header of every request:

GET /api/v1/surveys HTTP/1.1
Host: api.surveyfill.com
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Replace YOUR_API_KEY with the key you generated in Step 4. All API requests must be made over HTTPS. Requests over plain HTTP will be rejected.

API Key Best Practices

  • Never share keys publicly. Do not commit API keys to version control, paste them in public forums, or include them in client-side JavaScript. Use server-side code to make API calls.
  • Rotate keys regularly. Generate a new key and retire the old one on a regular schedule (e.g., every 90 days). This limits the impact if a key is accidentally exposed.
  • Use environment variables. Store your API key in an environment variable (e.g., SURVEYFILL_API_KEY) and reference it in your code. Never hard-code keys directly in source files.
  • Revoke compromised keys immediately. If you suspect a key has been exposed, revoke it from Developer Settings right away. Generate a replacement and update your applications promptly.

Rate Limits

To ensure fair usage and platform stability, API requests are rate-limited per key:

100
requests per minute (Pro plan)
500
requests per minute (Enterprise plan)

When you exceed the rate limit, the API returns a 429 Too Many Requests response with a Retry-After header indicating how many seconds to wait before retrying.

Frequently Asked Questions

Related Articles

Connecting SurveyFill to Acumatica ERP
Integrations · 8 min read
Exporting survey results to CSV
Analytics & Reports · 2 min read

Start building with the SurveyFill API

Create an account, generate your API key, and integrate survey data into your applications in minutes.

Get Started Free Back to Help Center