Start
Projects and keys
Understand the boundary that keeps each product, inbox, and integration separate.
One project per feedback source
Create a separate project for each app, site, or environment that needs its own form, inbox filters, routing, API access, or public board. The selected project at the top of the sidebar controls project-scoped pages such as Integrations and API.
Know which key belongs where
| Credential | Use | Exposure |
|---|---|---|
| Browser-safe project key | Widget submissions and generated install snippets | Safe in client HTML |
| Project REST API key | Trusted servers, scripts, and MCP clients | Server-side only |
| Webhook signing secret | Verify generic webhook payloads | Receiving server only |
Keys are project-scoped
A project API key can read and change only its own project data. Rotate a key from the project Install or API workspace when needed.