Deck Docs
Org settings

API Access

Manage Public API access and API keys for your organization

API Access

The API Access settings let you enable Deck's Public API for your organization and manage the API keys your team uses to authenticate requests. You can use the Public API to read your Deck data (insights, themes, patterns, initiatives) from external tools, scripts, or integrations.

Go to Settings → API Access to manage these settings.

Enabling the Public API

By default, the Public API is disabled for your organization. An admin must enable it before any API keys can be used.

To enable the Public API:

  1. Go to Settings → API Access
  2. Toggle Enable Public API to on
  3. Select which roles can access the API (see Role Access below)
  4. Click Save

Only org admins can enable or disable the Public API and change role permissions.

Role Access

When the Public API is enabled, you control which roles are allowed to use it. You can grant access to:

  • Admins — org admins can always create keys and call the API if access is enabled
  • Members — extend API access to non-admin members of your org

By default, only admins are allowed. Adjust this based on how broadly you want to expose your Deck data externally.

Managing API Keys

Once the Public API is enabled, you can create personal API keys to authenticate your requests.

Creating an API Key

  1. In Settings → API Access, scroll to the API Keys section
  2. Click New Key
  3. Enter a descriptive name (e.g. "My integration script" or "Zapier connection")
  4. Click Create
  5. Copy the key value shown — you will not be able to see it again

API keys start with dk_ and are tied to your user account within your organization.

Save your API key immediately after creation. For security, the full key value is only shown once.

Using Your API Key

Include your API key in requests to the Public API using either:

  • Authorization: Bearer dk_your_key_here header
  • X-API-Key: dk_your_key_here header

The base URL for the API and available endpoints are described in the OpenAPI spec at /api/v1/openapi.

Revoking an API Key

To revoke a key that is no longer needed or may be compromised:

  1. Go to Settings → API Access
  2. Find the key in the API Keys list
  3. Click the delete icon next to the key
  4. Confirm revocation in the dialog

Revoked keys stop working immediately and cannot be restored.

Security Notes

  • API keys grant read-only access to your org's Deck data
  • Each key is scoped to the creating user's role — if a user's role changes or they leave the org, their keys are automatically restricted
  • Keys can be created with an expiration date. Revoke unused keys as a security best practice.
  • All API requests are logged for audit purposes

Learn More

If you want to build against the Public API, start here:

Insights Delivery

Deck Bot delivers new insights that appeared daily into your Slack channel of choice.

Billing & Credits

Manage your subscription, track credit usage, and understand billing limits

On this page

API AccessEnabling the Public APIRole AccessManaging API KeysCreating an API KeyUsing Your API KeyRevoking an API KeySecurity NotesLearn More