Kandji API

By Emalee Firestein

Learn how to enable and configure API access for your tenant

API Documentation 

Complete API endpoint documentation is available at api-docs.kandji.io. This article walks through generating an API token within your Kandji tenant.

API Rate Limit

The Kandji API currently has an API rate limit of 10,000 requests per hour per tenant. 

Generate an API Token

We recommend creating a unique API Token for each use case. To differentiate between them, we suggest giving them descriptive names in the Kandji Web App.

Kandji uses tenant-level bearer tokens to control access to the API To generate one:

  1. Log in and click on Settings.
  2. Click the Access tab.
  3. Click the Add API Token button to create a new API key.
  4. After clicking Add API Token, provide a Name and a Description for your API token.
  5. Click Create. 

  6. Kandji will display a modal with the API token. Click the visibility symbol to expose it or use the Copy Token button to copy the API token to your clipboard, storing it in a safe place. Note: You will not be able to see the token details again.
  7. Click Next.

  8. Click Configure to manage the API permissions for this specific token or Skip to change them later.
  9. After making your modifications, click Save.
  10. Once you create your first token, you will see your tenant-specific API URL.

Modify, Inspect, or Revoke an API Token

If you remove an admin user from the Kandji Web App after they've created an API Token, the API Token will also be removed.

After you create an API token for your tenant, you can modify its name and permissions or revoke it to prevent further access. 

  1. Click the vertical ellipsis next to the token. 
  2. Click View to display information about the token, including the permissions associated with the token. From this page, you can use the following options:
  3. Click the Permissions tab to edit the permissions associated with the token
    1. Click the Activity tab to view the activity of the API token, including:
    2. Token created
    3. Token name changed
    4. Token permissions edited
  4. In the lower-right corner, click Edit to edit the name of the token
  5. Click Revoke to invalidate the API token and prevent its further use. If you revoke a token, you will no longer see it in the list of API tokens for your tenant.