Users' passwords will not be accepted anymore to authenticate requests


  • On Feb 3, 2022, in order to make third-party apps more secure, we will stop accepting requests authenticated with users' passwords. Only requests authenticated with API keys will be accepted. Unlike users' passwords, API keys can be easily generated and revoked in case these ones have been compromised. Only admins will be allowed to generate API keys.

Migration guide

  1. Log in to your Gorgias account
  2. Go to Settings -> REST API
  3. If you don't have an existing API key, click on the button to generate one.
  4. Copy your API key
  5. Replace your user's password with the API key in your apps

Please let us know if you have any questions. We are here to help.