# Create An API User

Go to **Admin | Users** and click the *green* **Add User** button:

 

<figure><img src="https://1103784913-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FiAC0G99SjXjSv2GM5PAE%2Fuploads%2FtxGFulkN6AiGmQqVySco%2F18d011ad-4be5-4510-a5ad-4f6243b3cecc.png?alt=media&#x26;token=1f65547a-9269-4a6b-99ff-8801eb1a6092" alt=""><figcaption></figcaption></figure>

**Create New User:**

<figure><img src="https://1103784913-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FiAC0G99SjXjSv2GM5PAE%2Fuploads%2FD1Bzv1o1waKh4jdifRiz%2F453b6837-91c7-466e-ab6b-c18f3597e4b3.png?alt=media&#x26;token=176bea45-2d87-4114-9aa9-ad844827a429" alt=""><figcaption></figcaption></figure>

### User Details <a href="#createanapiuser-userdetails" id="createanapiuser-userdetails"></a>

**Username:** Desired username for user (must be unique)

**Email:** Email address for user (optional)

**Access Level:** Select 'Api User'

**Password:** Desired password **\*Note:** **The password must not have an "&" sign on it.**

**Confirm:** Confirm Password

#### **IP Whitelist** <a href="#createanapiuser-ipwhitelist" id="createanapiuser-ipwhitelist"></a>

**For each API user that is created, you will need to whitelist the IP address of the server making the API calls to Konnektive.**

**Alternatively, you can enter AWS, GOOGLE, AZURE, CLOUDFLARE or DIGITAL\_OCEAN to whitelist the entire range used by those services**

### Access Details <a href="#createanapiuser-accessdetails" id="createanapiuser-accessdetails"></a>

Select the endpoints that the API user will need to access.

As a security measure, DO NOT provide more access than needed.

Granting access to Query endpoints means that API user can pull data out of your CRM.

Please create separate API users for your different services that require an API user.

***NOTE: API Users cannot log into the CRM. They can only send API calls to your instance.***