Skip to main content

Open in AthenaHQ

app.athenahq.ai/settings/api

Purpose

This page allows organization administrators to create and manage API keys for programmatic access to AthenaHQ data. Customers use these keys to integrate their SEO metrics, responses, and competitor data into external tools like Looker Studio, internal dashboards, or AI assistants. For customers on supported subscription plans, this page also includes an Embed section. This allows administrators to configure allowed domains and manage embed tokens, enabling them to securely embed the AthenaHQ dashboard directly into their own websites or platforms via an iframe.

What’s on the page

API Keys section

Displays the organization’s API keys in a table and provides controls to create, edit, and delete them. If the organization does not have API access on their subscription plan, this section shows mock data blurred behind an upgrade paywall. API Keys table Lists all API keys for the organization. By default, it is sorted by newest first.
  • Name: The human-readable label given to the API key when it was created.
  • Key: A masked preview of the API key showing only the prefix followed by dots (e.g., prod_••••••). The full key is only shown once at creation time.
  • Websites: Which websites the key has access to. Shows an “All Websites” badge for global keys, individual website logos/initials for specific-website keys (up to 4, with a +N badge for the rest), or “None” if no websites are assigned. Hovering over a website icon or the +N badge shows the names of the websites.
  • Created: The date the API key was created, formatted as Mon D, YYYY.
  • Created By: The email address of the user who created the API key.
  • Actions: A (more) menu at the far right of each row.

Embed section

Visible only when the organization has embed access enabled on their plan. This section allows admins to configure the domains allowed to host the iframe and the tokens used to authenticate those requests.
  • Allowed domains: A list of HTTPS domains where the AthenaHQ dashboard is permitted to be embedded. Shows the domain URL and the date it was added. Each row has a menu.
  • Embed tokens: A list of active or paused tokens used to authenticate embed requests. Shows the token name, an Active/Paused badge, the date it was last used, and a menu.
  • How to embed Athena: A collapsible accordion containing the iframe HTML snippet, a table explaining required parameters (token and userToken), and a backend Node.js code example showing how to sign the JSON Web Token (JWT) securely.

Drilldowns

  • Create API Key dialog: Opens when clicking “Create API Key”. Shows a form to name the key and choose access scope (“All websites” or “Specific websites”, with a search bar and select-all checkbox). Once created, it transitions to a success screen displaying the full API key value with a copy button and a warning to save it immediately.
  • Edit Key dialog: Opens from an API key’s menu. Shows a pre-populated form with the key’s current name and website selections, allowing the user to update them.
  • Delete API Key dialog: Opens from an API key’s menu. Asks “Are you sure you want to delete <key name>? This action cannot be undone.” with a destructive Delete button.
  • MCP Setup dialog: Opens from the Guides dropdown. Explains how to connect AthenaHQ to AI assistants (like Claude.ai and other Model Context Protocol clients), providing the server URL and a JSON config snippet with copy buttons.
  • Looker Studio Setup dialog: Opens from the Guides dropdown. Gives step-by-step instructions for connecting AthenaHQ data to Looker Studio via the Partner Connector, providing the necessary Deployment ID with a copy button.
  • Add Allowed Domain dialog: Opens when clicking “Add Domain”. A multi-step flow where users first enter the domain, are then offered the chance to generate a token immediately, and finally see the generated embed token, JWT secret, and iframe snippet (shown only once).
  • Delete Domain dialog: Opens from an allowed domain’s menu. Warns “Are you sure you want to delete <domain>? This will prevent embeds from this domain from loading.”
  • Create Embed Token dialog: Opens when clicking “Create Token”. Asks for a token name. Upon creation, displays the embed token value, JWT secret, and iframe snippet (shown only once).
  • Delete Token dialog: Opens from a token’s menu. Warns “Are you sure you want to delete the token <name>? This action cannot be undone.”

What you can do here

  • Create API Key: Click the “Create API Key” button to generate a new key and assign it to websites. (Requires admin role).
  • View Integration Guides: Click the “Guides” button to open a dropdown menu with options for:
    • MCP setup: View instructions for AI assistant integrations.
    • Looker Studio setup: View instructions for the Looker Studio connector.
    • API documentation: Opens the external developer docs in a new tab.
  • Edit API Key: Located inside the menu on an API key row. Allows renaming the key or changing which websites it can access.
  • Delete API Key: Located inside the menu on an API key row. Permanently deletes the key.
  • Add Domain: Click “Add Domain” in the Embed section to authorize a new website to host the Athena iframe.
  • Delete Domain: Located inside the menu on an allowed domain row. Revokes iframe embedding permission for that domain.
  • Create Token: Click “Create Token” in the Embed section to generate a new embed token.
  • Pause / Unpause Token: Located inside the menu on an embed token row. Temporarily disables (or re-enables) the token from authenticating embed requests.
  • Delete Token: Located inside the menu on an embed token row. Permanently destroys the token.
  • Copy iframe snippet / credentials: Use the copy icons next to the credentials and code blocks provided during token creation or inside the “How to embed Athena” accordion.
  • Paywall Actions: If the customer does not have API access, they can interact with the overlay over the blurred table:
    • Contact Team: Opens a calendar to schedule a call about unlocking API access.
    • Documentation: Opens the API docs.
    • Looker Studio: Opens the Looker Studio setup instructions.

Data shown

  • API keys: Keys configured for your organization.
  • Embed allowed domains: Websites you have authorized to display the Athena dashboard.
  • Embed tokens: Authentication tokens you have generated for the iframe embed.
  • Subscription entitlements: The page checks your active subscription plan to determine if you should see the API keys, the Embed section, or the upgrade paywalls.
  • Website list: Your organization’s tracked websites, used to populate the checklists when assigning permissions to a specific API key.

Common workflows

Create a new API key
  1. Navigate to Settings > API.
  2. Click “Create API Key” (requires admin role).
  3. Enter a name for the key.
  4. Choose access scope: “All websites” or “Specific websites”.
  5. If “Specific websites”, search and select the desired websites.
  6. Click “Create”.
  7. Copy and securely save the displayed API key: it will not be shown again.
  8. Click “Done” to close the dialog.
Edit an existing API key
  1. Navigate to Settings > API.
  2. Find the key in the table and click the actions menu on its row.
  3. Click “Edit”.
  4. Update the name and/or access scope/website selection.
  5. Click “Save”.
Delete an API key
  1. Navigate to Settings > API.
  2. Find the key in the table and click the actions menu on its row.
  3. Click “Delete”.
  4. Confirm deletion in the dialog by clicking “Delete”.
Set up Looker Studio integration
  1. Navigate to Settings > API.
  2. Click “Guides” then “Looker Studio setup”.
  3. Follow the instructions: create an API key, then in Looker Studio add a new data source using the Partner Connector with the provided Deployment ID and the API key.
Configure iframe embed (Embed section)
  1. Navigate to Settings > API (requires embed access entitlement).
  2. In the Embed section, click “Add Domain” and enter the domain where the iframe will be hosted.
  3. Optionally generate a token for the domain in the same flow, or click “Create Token” separately.
  4. Copy the displayed embed token and JWT secret: they are shown only once.
  5. Use the iframe snippet provided, replacing {SIGNED_JWT} with a server-side signed JWT containing the user’s email.
  6. Optionally expand “How to embed Athena” for the full parameter reference and Node.js signing example.

Empty, loading, and error states

  • Empty:
    • The API Keys table shows “No API keys found” and “Create your first API key to get started”.
    • The Allowed Domains card shows a globe icon and “No domains added yet”.
    • The Embed Tokens card shows a key icon and “No tokens created yet”.
  • Loading: The page itself shows a centered animated spinner while organization and website data initially loads. Once the layout is visible, the tables show “Loading API keys…”, “Loading domains…”, or “Loading tokens…” respectively.
  • Error: If the underlying organization or website data fails to load completely, the page renders blank. Operations like creating, editing, or deleting a key/token that fail will surface a red error toast notification in the corner of the screen.
  • Linked from:
    • Settings navigation sidebar (Settings > API)
    • Settings breadcrumb (Settings > API page header)
  • Links to:
    • https://docs.athenahq.ai/ (API documentation, opens in new tab)
    • https://modelcontextprotocol.io (MCP protocol site, linked from the MCP setup dialog)
    • https://claude.ai (Linked from the MCP setup dialog)
    • https://api.athenahq.ai/api/mcp (MCP server URL, copy-only)
    • https://docs.athenahq.ai/api-reference/looker-studio (Looker Studio documentation, linked from the instructions dialog)
    • https://app.athenahq.ai/embed/dashboard (iframe src example shown in embed instructions)
    • Cal.com booking page team/athenahq/support (Contact Team button on paywall gate)
    • https://www.athenahq.ai/pricing (Linked from pricing plan cards if an upgrade dialog triggers)

Common support questions

I lost my API key or Embed Token secret. How can I see it again? For security reasons, API keys, embed tokens, and JWT secrets are only shown once immediately after you create them. If you lose a key or secret, you must delete it and create a new one. Why is the “Create API Key” button grayed out? Only organization administrators can create or delete API keys. If you hover over the disabled button, a tooltip will say “Only admins can create API keys”. You will need to ask an admin to generate the key for you or upgrade your role. Why can’t I see the Embed section? The Embed section is only visible to organizations that have the embeddable_dashboard feature enabled on their subscription plan. If you don’t see it, your plan does not include this feature. Note: If you are currently viewing the AthenaHQ app from inside an iframe embed, the Embed management section hides itself to prevent infinite loops of embedding configuration. Why does my API key table look blurry with a “Contact Team” button over it? Your organization’s current subscription plan does not include API access. The blurred table is a preview of the feature. You must click “Contact Team” to discuss upgrading your plan to unlock programmatic access. My Looker Studio connector is asking for a Deployment ID. Where is it? Click the “Guides” button at the top of the API settings page, then click “Looker Studio setup”. A dialog will open containing the Deployment ID, which you can click to copy.