API Access
Programmatic control of your surveys
API Access
Access your survey data and manage surveys programmatically. Build custom integrations, automate workflows, and connect Srvey to your applications.
Getting Started
Create an API Token
- Go to Team Settings > API Tokens
- Click "Create Token"
- Name your token (e.g., "Production Server")
- Select abilities (permissions)
- Optionally set an expiration date
- Copy and store the token securely (it will not be shown again)
Authentication
Include your token in the Authorization header:
Authorization: Bearer YOUR_TOKEN
All API requests must also include:
Accept: application/json
Token Abilities
When creating a token, you can grant specific abilities:
| Ability | Description | Endpoints |
|---|---|---|
| Full Access | Complete access to all endpoints | All |
| surveys:read | List and view surveys, sections, and questions | GET /surveys, GET /sections, GET /questions |
| surveys:write | Create, update, delete surveys, sections, and questions | POST, PUT, DELETE /surveys, /sections, /questions |
| responses:read | View survey responses | GET /surveys/{id}/responses |
| responses:write | Submit and manage responses | POST, PUT, DELETE /responses |
| invitations:read | List survey invitations | GET /surveys/{id}/invitations |
| invitations:write | Create survey invitations | POST /surveys/{id}/invitations |
API Reference
For complete endpoint documentation — including request/response schemas, parameter details, and an interactive "Try It" feature — visit the Interactive API Documentation.
The API covers surveys, sections, questions, responses, invitations, and webhook integrations. All endpoints, validation rules, and response formats are documented there.
Rate Limiting
API requests are rate limited to 120 requests per minute per token.
When rate limited, the API returns 429 Too Many Requests.
Token Management
Viewing Tokens
The API Tokens page shows:
- Token name and prefix
- Granted abilities
- Expiration date (if set)
- Last used timestamp
- Creation date
Revoking Tokens
To revoke a token:
- Go to API Tokens
- Find the token in the list
- Click "Revoke"
- Confirm the action
Revoked tokens immediately lose API access.
Token Expiration
Tokens can be set to expire on a specific date. Expired tokens are marked in the list and cannot be used for API access.
Plan Availability
| Feature | Free | Pro | Business | Enterprise |
|---|---|---|---|---|
| API access | - | - | Read | Full |
| Token creation | - | - | Yes | Yes |
| Read endpoints | - | - | Yes | Yes |
| Write endpoints | - | - | - | Yes |
API access requires the api_access feature. Business plans get read-only access; Enterprise plans get full read/write access.
Best Practices
- Use specific abilities - Grant only the permissions needed
- Set expiration dates - For temporary integrations
- Rotate tokens regularly - Create new tokens and revoke old ones
- Store securely - Never commit tokens to version control
- Monitor usage - Check "Last Used" to identify unused tokens