Integrations & Custom Connections
The Custom Connections page is where you generate and manage connection keys to integrate DayZero with your own tools and custom automations. Connection keys are long-lived secure credentials shown only once at creation; you authenticate by including this key with your automation tools and specifying the business identifier so your custom tools can work across multiple businesses. This page lives in the Settings section.
Key capabilities
- Create named connection keys (with optional description) — the key is shown once upon creation
- Secure authentication using your unique connection key
- Business context specification so that one key can securely act on specific businesses
- Connection key list showing name, prefix (e.g.
dz_abc…), created, last-used, and expiry - Configurable expiry: 1–365 days, defaulting to 365 days
- Up to 10 active keys per user
- Deactivate a connection key (disables it immediately) and view inactive keys
- Per-user connection control — a firm administrator can disable a user's programmatic access
- Automatic page navigation on long record lists
- Default connection permissions (full system integration)
- Interactive developer resources and connection guides
How it works
Each connection action from your custom automation carries a secure connection key for identity and a business identifier to specify which business it acts on.
flowchart LR
key["Connection Key"] --> auth["Secure Connection Check"]
auth --> ctx["Target Business Selection"]
ctx --> scope["Permissions Verification"]
scope --> api["Secure Integration Link"]
api --> page["Requested Information Delivery"]How to use it
- Open Settings > Custom Connections.
- Click Generate Connection Key, give it a descriptive name (e.g. "Zapier Integration") and optional description.
- Copy the connection key immediately — it is not shown again after the dialog closes.
- Supply it in your custom automation tools to authenticate.
- Provide the business identifier to specify which business the integration operates on.
- Visit the integration guides for reference and examples.
- Deactivate any key from the list when it's no longer needed — it stops working at once.
Pro tips
- Create a separate connection key per integration so you can deactivate one without breaking the others.
- Treat the connection key like a password — it is only displayed once; if you lose it, deactivate and create a new one.
- Set a shorter expiry time for temporary or third-party integrations instead of the 365-day default.
- Automated record fetches use systematic page-by-page loading to handle large data sets smoothly.
- If your custom connection suddenly loses access, check whether a firm administrator has disabled programmatic access for your account under Staff.
In-depth guide
Connection Key lifecycle
| Action | Target | Effect |
|---|---|---|
| Create | Generate Key | Returns the connection key once, plus metadata |
| List | View active connections | Shows current keys and active integration details |
| Deactivate | Deactivate key | Stops the key from connecting; rejected on all future attempts |
| Delete | Remove key | Permanently removes the connection key record |
Connection keys store a prefix for display, creation time, last-used time, and expiry. Deactivation is immediate and cannot be undone; create a new connection key instead.
Authentication & business context
- Authenticate by including your unique connection key in your integration tool.
- Specify which business to target using the business identifier, since a user can belong to multiple businesses.
- Missing identifier: connections that require a business are rejected if the business identifier is omitted.
Connection Permissions
New connection keys are issued with full access by default, but the platform supports granular permissions to control what your automations can see and do:
- Full access (default): full access to all system records.
- Read-only access: read-only access across all records.
- Specific resource permissions: granular permissions to control specific actions (e.g., allow writing invoices but not deleting records) across counterparties, invoices, bills, journal entries, accounts, customers, vendors, products, inventory, and reports.
| Permission Tier | Meaning |
|---|---|
| Full | Full access to core system records (default) |
| Read-only | Read-only access across all records |
| Specific | Granular permission, e.g. writing invoices |
| Group | Permission across specific classes of records |
Per-user connection gate
- Default: Programmatic access is active, but can be turned off per user by a firm owner or administrator on the Staff page.
- When disabled: that user's connection keys (and any automated tools running under their account) are blocked until access is restored.
- Use for: offboarding or restricting who can automate.
Limits & loading rules
- Connection key limit: each user may hold up to 10 active connection keys.
- Page loading: automated record feeds load page-by-page to ensure performance.
- Identifiers: unique record codes are used across the platform.
Audit implications
Connection key creation, deactivation, and deletion are security-relevant. Pair this page with Settings > Audit Log to track who issued or changed credentials — important for security reviews and activity tracking.
Edge cases
- If you didn't copy the connection key before closing the dialog, you can't retrieve it — deactivate and recreate.
- Deactivated connection keys remain visible (struck through) under "Inactive Keys" for reference.
- When programmatic access is disabled for your account, the page shows a locked state instead of the generate button.