Authenticate and Manage the Connector

The Build a Doc connector uses API key authentication. This guide covers how to obtain, use, and manage your API keys securely.

---

Obtaining an API Key

1. Sign in to the Build a Doc portal
2. Navigate to the API Keys section
3. Click Create New Key
4. Copy the key immediately (it won’t be shown again)

Tip

For detailed API key creation steps, see how to generate an API key. For advanced key management, see manage API keys.

Caution

Store your API key securely. It grants access to your Build a Doc subscription and is used for billing.

---

Using the API Key

First-Time Setup

When adding a Build a Doc action to your flow for the first time:

1. You’ll be prompted to create a connection
2. Enter a descriptive Connection name. This can be anything you like, but should make the key easily identifiable, e.g. Build_a_Doc_Production
3. Copy and paste your API key into the API key field
4. Click Create

Existing Connection

If you’ve already created a connection:

1. Select it from the connection dropdown
2. The API key is stored securely by Power Automate

---

API Key Security Best Practices

Key Management

Do	Don’t
Use separate keys for different purposes	Share one key across all uses
Rotate keys periodically	Keep keys indefinitely
Revoke unused keys	Leave old keys active
Store keys in secure locations	Store keys in plain text

---

Storing Keys in Azure Key Vault

For enhanced security, store API keys in Azure Key Vault:

1. Create a secret in Azure Key Vault with your API key
2. Use the Key Vault connector in Power Automate to retrieve the key
3. Pass the retrieved key to your Build a Doc actions

Tip

This approach centralises key management and simplifies rotation across multiple flows.

---

Key Rotation

To rotate an API key without disruption:

1. Create a new API key in the portal
2. Update your Power Automate connection with the new key
3. Test your flows to confirm they work
4. Revoke the old key in the portal

---

Revoking Keys

If a key is compromised:

1. Go to the Build a Doc portal → API Keys
2. Find the compromised key
3. Click Revoke immediately
4. Create a new key and update your connections

Caution

Revoked keys cannot be reinstated. Flows using revoked keys will fail with 401 errors. See error codes reference for troubleshooting authentication errors.

---

Troubleshooting

401 Unauthorised

Causes:

• API key is missing
• API key is incorrect
• API key has been revoked

Resolution:

• Copy and paste the API key again (don’t type manually)
• Verify the key is active in the portal
• Create a new key if necessary

403 Forbidden

Causes:

• API key is valid but subscription lacks permission
• Feature not available on current plan

Resolution:

• Check your subscription plan in the portal
• Upgrade if necessary

---

Related Topics

• Configure the Power Platform Connector
• Manage API Keys
• Security and Data Protection