Skip to main content

Overview

Access keys let you connect your website, app, or external tools to Bigdelta. There are two types of keys, each serving a different purpose. To manage your keys, go to SettingsAccess Keys.
Access keys page with Tracking Keys tab showing Production and Staging keys with their key values and a code snippet for installation

Tracking keys

Tracking keys are used to send event data to Bigdelta from your website or app. When a visitor performs an action — such as signing up, clicking a button, or viewing a page — the tracking key sends that event to your workspace.

Creating a tracking key

  1. Go to SettingsAccess Keys.
  2. Open the Tracking Keys tab.
  3. Click New Tracking Key.
  4. Give your key a name (e.g., “Production Website” or “Mobile App”).
  5. Copy the generated key and code snippet.
After creating the key, you will receive a small piece of code. Send this code to your developer to add to your website or app — it is usually a quick task that takes just a few minutes.
If you have separate environments (e.g., production and staging), create a separate tracking key for each so you can keep your data clean.

API keys

API keys are used for programmatic access to the Bigdelta API. Use them when building custom integrations, importing data from external systems, or automating tasks outside of the Bigdelta interface.

Creating an API key

  1. Go to SettingsAccess Keys.
  2. Open the API Keys tab.
  3. Click New API Key.
  4. Give your key a name that describes its purpose.
  5. Copy the generated key for use in your applications.
Keep your API keys secure. Do not share them publicly or commit them to version control. If a key is compromised, delete it and create a new one.

Authenticating API requests

The Bigdelta API uses a client credentials flow. Exchange your API key and secret for a short-lived Bearer token before making API calls. Required environment variables: 
BIGDELTA_API_KEY=        # from Settings → Access Keys
BIGDELTA_API_SECRET=     # from Settings → Access Keys
BIGDELTA_WORKSPACE_ID=   # from Settings → Access Keys
Get a token: 
POST https://eu.api.bigdelta.com/v1/auth/token
Content-Type: application/json

{
  "grant_type": "client_credentials",
  "client_id": "BIGDELTA_API_KEY",
  "client_secret": "BIGDELTA_API_SECRET"
}
The response contains a token field. Use it as a Bearer token on all subsequent requests. Use the token: Every API request requires:
  • Authorization: Bearer <token> header
  • Content-Type: application/json header
  • workspace_id=BIGDELTA_WORKSPACE_ID query parameter
Token lifecycle: Cache the token and reuse it until it expires. When it expires, re-authenticate by calling the token endpoint again — there is no refresh token. Store only BIGDELTA_API_KEY and BIGDELTA_API_SECRET in your environment, never the token itself.