Skip to main content

Managing Your FOG API Key

How to view, regenerate, and use the API key that authenticates external systems with your FOG program.

Overview

Your FOG API key is a secret token that authenticates requests to the SwiftComply FOG REST API. You (or a tool acting on your behalf) include it in the Authorization header so FOG knows the request is coming from your organization.

Most cities use their API key for integrations -- for example, pushing establishment or pump out data into a city billing system, syncing compliance status with a GIS tool, or connecting to a third-party reporting platform. If you don't have any integrations today, you may not need to touch this page.

Viewing your API key

  1. Click the Settings gear icon in the top-right corner of the page.

  2. Click API in the settings sub-sidebar.

  3. The API Config page displays your current API key.

Treat your API key like a password. Anyone with the key can read and write data across your entire FOG program. Don't paste it into tickets, screenshots, or chat threads.

Regenerating your API key

Regenerate the key if you think it's been exposed, when a team member with access leaves, or on your regular rotation schedule.

  1. Click the Settings gear icon.

  2. Click API in the settings sub-sidebar.

  3. Click Regenerate API Key.

  4. Confirm the action in the dialog.

  5. Copy the new key and update it in every integration that uses it.

As soon as you regenerate, the old key stops working. Any integration still using it will start failing until you update the key there too.

Using the API key in requests

The FOG API accepts the key as a Bearer token in the Authorization header of each request. Set the header value to the word Bearer followed by a space and your key, then call the API at https://your-subdomain.swiftcomply.com/api/v1/.... Replace your-subdomain with the subdomain you use to log in to FOG -- for example, if you log in at greenville.swiftcomply.com, your API base URL is https://greenville.swiftcomply.com/api/v1/.

FAQ

Q: Can I have more than one API key?

A: No. Your FOG program has a single API key. If you need to rotate it, regenerate.

Q: How do I scope the key to read-only or a specific table?

A: The key has the same permissions as an admin user in your FOG program. There aren't finer-grained permissions today.

Q: My integration stopped working. Did the key change?

A: Possibly. Check the API settings page and compare the current key with what your integration is using. Regenerating invalidates the previous key immediately.

Q: Who can see or regenerate the key?

A: Only users with the admin role in your FOG program. Non-admin users don't see the API item in the settings sidebar.

Related Articles
Navigating Program Settings
Managing Provider Connection Requests
Configuring SSO (Single Sign-On)
Inviting and Managing Users
Adding a Customer (and Connecting to a City FOG Program)
Did this answer your question?