Instantly Security Basics

Overview

Secure your Instantly.ai integration with scoped API keys, least-privilege access, secret management, webhook validation, and audit logging. Instantly API v2 uses Bearer token auth with granular scope-based permissions.

Prerequisites

• Instantly account with API access
• Understanding of environment variable management
• Access to Instantly dashboard Settings > Integrations

Instructions

Step 1: Least-Privilege API Key Scopes

Create separate API keys for different use cases with minimal required scopes.

// Key scopes follow the pattern: resource:action
// resource = campaigns, accounts, leads, etc.
// action = read, update, all