Best Practices
Resources
Best Practices
Follow these recommendations to build reliable, secure, and performant integrations.
Security
Store API keys securely
Use environment variables, never hardcode keys in source code.
Verify webhook signatures
Always validate the signature header before processing webhooks.
Use HTTPS endpoints
All webhook URLs must use HTTPS for secure communication.
Rotate keys periodically
Regenerate API keys regularly as a security best practice.
Performance
Cache responses
Cache form configurations and reduce unnecessary API calls.
Use pagination
Request only the data you need with appropriate page sizes.
Implement webhooks
Use webhooks instead of polling for real-time updates.
Batch operations
Group related API calls when possible.
Reliability
Handle errors gracefully
Implement proper error handling for all API responses.
Use exponential backoff
Retry failed requests with increasing delays.
Implement idempotency
Handle duplicate webhook deliveries gracefully.
Monitor rate limits
Track your API usage and stay within limits.
Error Handling
| Code | Action |
|---|---|
| 400 | Check request parameters |
| 401 | Verify API key is valid |
| 429 | Implement backoff and retry |
| 500 | Retry with backoff, contact support if persistent |