Giving a client an API Key

Hi, we have several clients in our own "white labelled" version of Campaign Monitor. Now one of them wants to use the Drupal API plug-in on their own website. I'd rather not give them OUR API key, but rather give them their own (so they don't have the ability to access information about our other clients).

How can I do this?

Thanks a lot,
- Johnny

roshodgekiss roshodgekiss, 4 years ago

Hey there Johnny, this is a tricky one - in some situations, the Client ID may suffice, but your best bet is to get in touch with the plugin developer and see what can be done. We too wouldn't recommend giving away your API key, either!


Get in touch with us on Twitter: http://twitter.com/campaignmonitor
We're also on Facebook: http://facebook.com/campaignmonitor
Stig Stig, 4 years ago

Hey Johnny,

I just wanted to add that there is actually a per-client API key that you can get via this API method, using the client's login details.

This works exactly like the master API key, except it only gives access to that one client. So that's a safer one to give them, for use with the Drupal plugin.


The Campaign Monitor Blog – HTML email smarts to go with your good looks.
JohnnyW2K1, 4 years ago

Thanks a lot for the help, Stig! That's great to know.

JohnnyW2K1, 4 years ago

Hi, I've passed this onto the Client's Web Developer. I've had a quick look myself and all I seem to get from the API is:

"Code":105,"Message":"Your login URL, username and password combination is incorrect."

I'm sending the following:

curl -u "username:passwordBase64" https://api.createsend.com/api/v3/apikey.json?siteurl=http://sitelogin.createsend.com

Everything is definitely correct, but I still get the above message? :(

Stig Stig, 4 years ago

Hey Johnny,

Sorry about the confusion there. In the siteurl parameter at the end, you actually need to replace http://sitelogin.createsend.com with the URL to your account. Does that work better?


The Campaign Monitor Blog – HTML email smarts to go with your good looks.
JohnnyW2K1, 4 years ago

Hi Stig,

Yes, I did realise that :) Unfortunately, even with the correct site parameter, I get the same result :(

I've even tested it with several different accounts, with various levels of privilege :(

Stig Stig, 4 years ago

Hi Johnny,

Hm, that's quite odd then! Do you get the same error if you try opening the URL directly in a browser?


The Campaign Monitor Blog – HTML email smarts to go with your good looks.
JohnnyW2K1, 4 years ago

No, the site parameter works fine as a URL in itself :-/ I guess I must be doing something else wrong (?). I'm right to encode the password in Base64?

JohnnyW2K1, 4 years ago

Aha! It seems that you DON'T have to encode your password in Base64, you just send it plain text. Also, the user must have SOME privileges for the API key to be generated -- you can't just have an account with no privileges.

Stig Stig, 4 years ago

Ah, nice catch Johnny, sorry we didn't notice what was causing the errors. Great to hear you did get it working in the end!


The Campaign Monitor Blog – HTML email smarts to go with your good looks.

Join 150,000 companies around the world that use Campaign Monitor to run email marketing campaigns that deliver results for their business.

Get started for free
1-888-533-8098