The SalesSheet.ai REST API gives you programmatic access to your CRM data, allowing you to build custom integrations, automate workflows, and connect SalesSheet.ai to internal tools that are not supported through our pre-built integrations. The API follows RESTful conventions with JSON request and response bodies.
Whether you are syncing data with your data warehouse, building a custom dashboard, or integrating with proprietary internal systems, the API provides full CRUD (Create, Read, Update, Delete) access to contacts, deals, tasks, activities, and more. All API access requires authentication using API keys generated from your account settings.
Antes de Comenzar
- An active SalesSheet.ai account on a Pro or Enterprise plan (API access is not available on free plans)
- Organization admin permissions to generate API keys
- Basic familiarity with REST APIs, HTTP methods, and JSON data format
- A tool for making HTTP requests such as cURL, Postman, or a programming language with an HTTP library
Generate Your API Key
Navigate to Settings > Integrations > API in your SalesSheet.ai dashboard. Click the "Generate New API Key" button. You will be asked to provide a descriptive name for the key (for example, "Data Warehouse Sync" or "Internal Dashboard") and select the permission scope - either full access or read-only access.
Once generated, the API key will be displayed once. Copy it immediately and store it in a secure location such as a password manager or encrypted environment variable. For security reasons, SalesSheet.ai does not store your full API key and cannot retrieve it after the initial display. If you lose your key, you will need to generate a new one and revoke the old key.
You can create multiple API keys for different integrations. Each key can be independently revoked without affecting other integrations. We recommend using a separate key for each integration or service for easier management and auditing.
Authenticate Your Requests
All API requests must include your API key in the Authorization header using the Bearer token format. Include the header Authorization: Bearer YOUR_API_KEY with every request. Requests without a valid API key will receive a 401 Unauthorized response.
The base URL for all API endpoints is https://api.salessheets.ai/v1. All requests must be made over HTTPS - HTTP requests will be rejected. Set the Content-Type: application/json header for all requests that include a request body (POST, PUT, and PATCH requests).
To verify your API key is working correctly, make a test request to the GET /v1/me endpoint, which returns information about the authenticated user and their organization. A successful response confirms your key is valid and properly configured.
Explore Available Endpoints
The SalesSheet.ai API provides endpoints for all major CRM resources. The primary endpoints include: /v1/contacts for managing contacts and companies, /v1/deals for pipeline and deal management, /v1/tasks for task creation and updates, /v1/activities for logging emails, calls, and meetings, and /v1/pipelines for pipeline configuration.
Each resource supports standard REST operations: GET to retrieve records (single or list), POST to create new records, PUT or PATCH to update existing records, and DELETE to remove records. List endpoints support pagination with page and per_page query parameters, filtering with field-specific parameters, and sorting with sort_by and sort_order parameters.
Full API documentation with request and response examples for every endpoint is available at https://api.salessheets.ai/docs. The documentation includes an interactive API explorer where you can make live requests against your account data.
Handle Rate Limits
To ensure fair usage and platform stability, the SalesSheet.ai API enforces rate limits based on your plan. Pro plans are limited to 100 requests per minute and 5,000 requests per day. Enterprise plans receive 500 requests per minute and 50,000 requests per day. These limits apply per API key.
Every API response includes rate limit headers: X-RateLimit-Limit shows your per-minute limit, X-RateLimit-Remaining shows how many requests you have left in the current window, and X-RateLimit-Reset provides the Unix timestamp when the limit resets.
If you exceed the rate limit, you will receive a 429 Too Many Requests response. Implement exponential backoff in your integration - wait 1 second after the first 429 response, 2 seconds after the second, 4 seconds after the third, and so on. For bulk operations, use the batch endpoints (such as POST /v1/contacts/batch) which allow you to create or update up to 100 records in a single request.
Consejo Pro
Use the webhook feature alongside the API for the most efficient integration pattern. Instead of polling the API repeatedly to check for changes, set up webhooks to receive real-time notifications when data changes, and then use the API to fetch full record details only when needed. This approach dramatically reduces your API usage and gives you near-instant data updates.
Important Note
Never expose your API key in client-side code, public repositories, or browser-based applications. API keys should only be used in server-side code or secure backend services. If you believe your API key has been compromised, revoke it immediately from Settings > Integrations > API and generate a new one. All requests made with the compromised key will be logged in your audit trail.
API keys inherit the permissions of the user who created them. If a user's account is deactivated or their role changes, the API keys they generated may stop working or have reduced access. We recommend creating API keys from a dedicated service account with consistent permissions to avoid disruptions.
Qué Esperar
With API access configured, you have the building blocks for powerful custom integrations:
- Full CRUD access: Create, read, update, and delete contacts, deals, tasks, activities, and pipeline stages programmatically.
- Real-time data sync: Keep your CRM data synchronized with data warehouses, BI tools, and internal systems.
- Custom automation: Build workflows that are tailored exactly to your business processes, beyond what pre-built integrations offer.
- Batch operations: Process up to 100 records per request using batch endpoints for high-volume data operations.
- Comprehensive documentation: Interactive API docs with examples in cURL, Python, JavaScript, and Ruby for every endpoint.
- Audit logging: Every API request is logged with the API key name, timestamp, endpoint, and response status for security auditing.
Solución de Problemas
Verify that your API key is correctly included in the Authorization header with the "Bearer " prefix (note the space after "Bearer"). Check that the key has not been revoked - go to Settings > Integrations > API to see the status of all your keys. Ensure you are using HTTPS, not HTTP, as all HTTP requests are rejected. If the key was recently created, wait a few seconds for it to propagate before retrying.
Rate limits are applied per API key, not per user. If multiple services or scripts share the same API key, their requests are counted together. Create separate API keys for each integration to get independent rate limits. Also check the X-RateLimit-Remaining header in your responses to see your actual remaining quota. If you consistently need higher limits, contact support or consider upgrading to an Enterprise plan.
Batch endpoints accept an array of objects in the request body, with a maximum of 100 items per request. Ensure your JSON is properly formatted and that each object in the array contains all required fields for that resource type. Check the response body for a detailed error message indicating which specific items in the batch failed validation. Common issues include missing required fields, invalid email formats, or referencing non-existent pipeline stages or custom field IDs.