4. Create an API key

Programmatic access means your scripts, services, and tools talk to OpenApp the same way the product’s APIs do—without clicking through the dashboard. The motivation is automation and integration: you can wire OpenApp into existing systems (schedulers, backends, home automation stacks, internal portals), call it from the SDK or direct HTTP, and build custom logic outside the OpenApp UI when the built-in screens are not enough or you want to keep behavior in your own codebase.

Programmatic access uses API keys (personal access tokens), not your browser session.

1. In the dashboard, keep your personal workspace selected in the org switcher.
2. Open Resources → API Keys.
3. Create a key: choose a name and expiry, then copy the token once.

You will use this same key to authenticate SDK calls and direct HTTP requests later in this guide.

Why API keys have an expiry

Every key is a secret that can outlive the place you stored it. A fixed expiration caps how long a leaked or forgotten copy stays valid and gives you a natural moment to rotate credentials—good security practice. That pushes against longevity: a token that never expires is simpler to operate (configure once and leave it alone). OpenApp’s create form defaults to one year, which is a reasonable balance for many setups, but you should pick a duration that fits your environment—shorter for high-risk or fast-changing systems, longer only when you accept the trade-off and have a plan to renew or replace keys before they lapse.

You now have a token scoped to the org selected in the dashboard; it does not yet “do” anything until something in that org exists to call. The next step connects OpenApp to a demo stand-in for hardware (simulated, not physical)—the first configured link inside your org.

---

← Roles · Add a demo integration →