Sign InBook a demo

Enhancing Security and Efficiency: Empowering Customers with Self-Managed API Keys at SoftLedger

Jun 10, 2024

In today's fast-paced digital landscape, ensuring robust security measures while maintaining operational efficiency is paramount. At SoftLedger, we continually strive to enhance our platform, focusing on both user experience and security. We're excited to announce a significant update: the shift from customer success-generated API keys to a user focused, self-managed API key system.

The Shift to Customer-Managed API Keys

Previously, API keys were generated by our customer success team upon request. While this method was effective, it involved additional steps and personnel, introducing potential security vulnerabilities and inefficiencies along the way. By equipping our customers to generate and manage their own API keys, we minimize the risk of secrets being leaked. Fewer hands in the process means fewer opportunities for unauthorized access, significantly enhancing the overall security posture of our platform.

Enhancing Security through Minimization of Human Involvement

One of the primary security enhancements of this change is the reduction in the number of people involved in the API key generation process. By shifting this responsibility to our customers, we ensure that sensitive information remains within the confines of the customer's own environment. Additionally, API key client_ids are now prefixed with api_ to make them more human readable and lead to less confusion. This change not only enhances security but also streamlines the process, making it more efficient and user-friendly.

Granular Permissions for API Keys

Another critical improvement is the introduction of granular permissions for each API key. Customers can now specify precise access levels for different keys, tailoring permissions to specific needs and applications. This granular control ensures that each key grants only the necessary access - further safeguarding sensitive data.

Integrated Accounting with Multiple Keys

Recognizing the diverse needs of our customers, we’ve made it easy to generate multiple API keys for different purposes.

SoftLedger, being a truly integrated accounting software platform, focuses on making it as easy as possible to integrate with other systems. Whether it's for development, testing, or production environments, customers can now manage multiple keys with distinct permissions, streamlining their workflows and enhancing operational efficiency. This flexibility supports seamless integration with various tools and systems, reflecting our commitment to providing a comprehensive and adaptable accounting solution.

Scaling Enhancements for Faster Token Generation

In addition to these changes, we've made significant scaling enhancements to support faster token generation. Quick token generation is crucial for maintaining smooth operations and uninterrupted service, especially in high-demand environments. This ensures that as your business grows and the demand for API keys increases, our system remains responsive and efficient.

A Security-Focused Enhancement

By enabling customers with self-managed API keys, maintaining our OAuth 2.0 standards, and introducing granular permissions, we’re providing a more secure, efficient, and user-friendly experience, empowering our customers with greater control over their integrations and data.

At SoftLedger, we believe that robust security measures are the foundation of trust. Our latest update is a testament to our dedication to providing secure, innovative solutions that meet the evolving needs of our customers. We’re excited to continue building on this foundation, ensuring that SoftLedger remains a trusted partner in your financial management journey.

Stay tuned for more updates as we continue to enhance our platform, always with a focus on the safety and empowerment of our users. Thank you for being a part of the SoftLedger community!

About SoftLedger

SoftLedger, founded in 2015, delivers streamlined accounting for small and medium enterprises. The platform blends powerful accounting software with an API-first approach. SoftLedger caters to CFOs and controllers who have outgrown QuickBooks or Xero, and are seeking a better alternative to Sage Intacct and Oracle NetSuite. Customizable, yet easy to use, SoftLedger empowers finance professionals to simplify complex processes and add strategic value to their business. With over 150 connectors and rapid onboarding, new customers usually get to their first close of books on SoftLedger in 30 days. With key digital asset partnerships like Lukka, NODE40, Hyperion and more SoftLedger is revolutionizing the value that finance teams deliver for digital asset businesses. Visit and follow SoftLedger on Linkedin.

Recent Blogs
Image of Geoff Ostrega
Geoff Ostrega
CTO & Co-Founder at SoftLedger
Geoff is the CTO and Co-Founder of SoftLedger. He has deep experience with cloud architecture and designing scalable distributed systems. Geoff started in telecom engineering, often the sole engineer on domestic and international deployments, and was named the top engineer at his most recent company.

Frequently Asked Questions

Yes, users have the option to use their own chart of accounts or SoftLedger’s standard chart of accounts when getting started with SoftLedger.  SoftLedger’s flexibility allows users to make changes to their charts by easily adding new accounts.

Ready to Get Started?

Book a demo for a free test-drive of the SoftLedger software and APIs
Book a demo

Subscribe to our

Read SoftLedger reviews on G2

© Copyright 2024 SoftLedger, Inc.