One of the most common questions we hear is: "If I connect my apps, what exactly can my agency see and do?"
It's a fair question — and the answer depends on which app you're connecting. Here's a clear breakdown.
Email Marketing (MailerLite, SendGrid)
| Can Access | Cannot Access |
|---|---|
| ✓ Subscriber lists and segments | ✗ Your billing information |
| ✓ Campaign analytics | ✗ Your login credentials |
| ✓ Send emails on your behalf | ✗ Account settings or users |
Payments (Stripe)
| Can Access | Cannot Access |
|---|---|
| ✓ Transaction history | ✗ Your bank account details |
| ✓ Customer records | ✗ Payout settings |
| ✓ Create invoices | ✗ Tax information |
E-commerce (Shopify)
| Can Access | Cannot Access |
|---|---|
| ✓ Product catalog | ✗ Staff accounts |
| ✓ Order information | ✗ Theme files (unless granted) |
| ✓ Customer data | ✗ Payment provider settings |
Pro tip: When you connect an app in Keygent, the "Access Scope" section shows you exactly what permissions that API key provides. Review it before connecting.
The Key Principle
API keys are scoped — they only grant access to specific data and actions. They don't give your agency access to:
- Your login credentials
- Your billing or payment information
- Account-level settings
- Other connected services
And remember: you can disconnect any integration at any time with a single click. Your data, your control.
← Back to Blog