Today’s update is a little more technical in nature as it has to do with how Graphly communicates with Keap to sync and serve up data. With that being said, if you’re a user of our service, there is action we required of you in order to take advantage of these enhancements. Over the last few months, we’ve rebuilt our sync engine to make many enhancements that will help us scale our service as our user base rapidly expands.
Part of those updates include a change in the way we communicate with Keap. Historically, there were two ways for Keap users to authenticate and authorize third-party apps to access their Keap accounts. In an effort to provide developers with better metrics around API calls and make it easier for customers to grant access to their Keap account, Keap is and has been transitioning to OAuth 2.0.
The legacy authentication methods developers have used are:
Account-level API Access – This requires users to know their account name and supply the API key relevant to their account. Account-level API keys are shared with multiple apps/integrations which makes it impossible to revoke access for just one app/integration. If the user changes their API key all apps/integrations using that key are impacted. We will be sunsetting account-level keys in the future and will announce the official cutoff with ample time to transition your apps to OAuth.
Vendor Key API Access – These keys allow developers to access an Keap application with a customer’s username and password. Vendor keys were an improvement to account-level keys, but they still have drawbacks. 1) They required developers to store a customer’s sensitive username and password and 2) when a customer changes their password, any apps or integrations using vendor keys no longer work until they get updated with the new credentials.
OAuth 2.0 API Access – This is the new standard authentication method for Keap apps. OAuth 2.0 is the standard used by most modern APIs including Facebook, Google, Stripe, Shopify and countless others. OAuth will provide a streamlined authentication process for Keap customers, allow customers to view/revoke access for specific apps/integrations and provide developers with a simplified authentication method as well as more metrics about the applications you create.
By using OAuth 2.0, our app is throttled independently of other apps. As we grow and require more calls, Keap is able to increase limits as needed. In addition to not having our app negatively impacted by other applications, new columns, tables, and features are being released in OAuth.
Deletions and Removals
One particular enhancement our users have loved are the webhooks Keap sends out for varying events. The first one we’ve incorporated has to do with when a tag gets removed. Every 5 minutes Graphly receives a webhook that contains all of the contacts who have had tags removed, along with which tags, etc.