The PandaDoc API supports two authentication methods via headers:
- API Key Authentication
Add the following header to all your API requests:Authorization: API-Key {{api_key}} - OAuth 2.0 Authentication
If you’re using OAuth 2.0, use this header instead:Authorization: Bearer {{oauth_key}}
Obtaining API Keys
-
To obtain an API key, visit the Dev Center and generate a Sandbox or Production key.Sandbox or Production API Keys -
Production API keys require approval. Please contact our Sales team.Production Keys
Generate the API key on the Configuration page of your Developer Dashboard.
Who generates the key matters!
API keys are tied to the user who generates them, meaning the key's capabilities depend on that user’s role and license. For instance, certain actions are exclusive to Org Admins — superusers with full access to the organization.
To ensure the API key has the necessary permissions for your needs, make sure it's generated by a user with the appropriate level of access.
Important: User removal deactivates their API Keys
If a user is removed from the workspace, any API keys they generated will be deactivated. Ensure that keys tied to critical operations are created by stable, long-term users with the necessary permissions.