Inboarddocs
For SaaS ownersRequirement types

API key

Ask the installer to enter an API key that connects their account to yours.

An API key requirement asks the installer to paste a key (or token) into a field so their account can authenticate with your service. The key is captured by the widget and made available to the rest of the guide.

When to use it

Use this when your product needs a per-installer credential to connect — an API key, access token, or secret that the installer copies from your dashboard (or from a third party) and provides during setup.

How to configure it

You define where the key is pasted and which variable holds it:

  • A labelled input field the installer types or pastes into.
  • A variable that stores the entered value, so you can reference it as {{apiKey}} in later steps and code snippets.

Use a secret variable type for the key. Secret values are masked in the input, held only in the widget's runtime memory, and never written to storage or sent to Inboard's server.

Connect Acme by pasting your API key:

curl https://api.acme.com/v1/connect \
  -H "Authorization: Bearer {{apiKey}}"

How it's verified

API keys are typically verified with a custom check — your server confirms the key is valid by attempting a real authenticated call. An HTTP check also works if a public endpoint can confirm the connection. If neither fits, use self-report.

On this page