Authentication
Customer API v2 uses Bearer API keys. There is no OAuth token exchange — send your full API key on every request.
API keys are created in the ept AI app under Integrations → API Keys.
Create an API key
- Sign in to ept AI with an Admin role.
- Open Integrations → API Keys.
- Enter a label and click Create API Key.
- Copy the key immediately. You can also reveal it later from the same page.
Each key grants read access to conversations and responses for your account.
Key format:
ept_{env}_{key_id}_{secret}
Example (development): ept_dev_ab12cd34ef567890_…
Send requests
Include the full API key on every Customer API request:
GET /customer-api/v2/conversation HTTP/1.1
Host: api.ept.ai
Authorization: Bearer ept_prod_YOUR_KEY_ID_YOUR_SECRET
Accept: application/json
For development, use https://api.dev-ept-ai.com/customer-api/v2.
Do not put API keys in query strings or logs.
Reveal a key again
If you lose a copied key, an account admin can open Integrations → API Keys, click Show key, and copy it again. Reveal is audit-logged and requires an ept AI admin login — it is not available through the Customer API itself.
Rotate a key
- Create a new key in Integrations → API Keys.
- Update your integration to use the new key.
- Confirm traffic on the new key (check Last used in the UI).
- Revoke the old key.
Security notes
- Store API keys in a secrets manager, not in source code.
- Revoke unused keys from Integrations → API Keys.
- Keys are prefixed with
ept_{env}_so leak scanners can detect them.
Errors
| Status | Meaning |
|---|---|
| 400 | Invalid request |
| 401 | Missing, invalid, revoked, or expired API key |
| 404 | Resource not found |
| 429 | Rate limit exceeded — retry after the Retry-After header (seconds) |