Are you seeing a little Pardot authentication warning when you log into your org and are not sure why? It looks something like this…
What’s changing with the Pardot API
The short story: Pardot is improving the security of our data by making improvements to how our tools need to log into the Pardot API.
This is a good thing.
Unfortunately, it can cause us some issues in the short term. The deadline was previously set for April, but has been moved out to May 6th — so there’s still time to sort things out and get ready.
If you’re thinking “But I don’t use the API…” — Not so fast
Your first thought may be that you don’t use the API. But if you log into any third-party tool with a Pardot username, odds are that tool is using the API.
You can review your API usage from your Pardot Account Settings under the Usage and Limits section listed as “Daily API Requests page.” Or go to this link to access directly:
This screen gives you an hourly breakdown of usage, daily, for the last week. In the screenshot below you can see what this report could look like for you:
What to review to be ready for the Pardot API update
What you are interested in is the collapsed tabs at the bottom. These expand to show you what Pardot Users are using the API:
These are the people you need to work with to try to figure out what ‘things’ are plugged into your Pardot instance. The column labeled “USES DEPRECIATED AUTH” being “Yes” is what will be turned off on May 6th and will stop working.
So you can see here, that there is work to be done in this example.
Contact the vendors if the usage is coming from a vendor. If it’s something your web team is managing, let them know. Pass along
http://developer.pardot.com/#using-the-api so they have a starting place to sort out what they need to fix.
Best practices for working with the Pardot API
While we’re on the topic, let’s bring up a couple of best practices.
1. First of all, use it.
If you’ve been leveraging Pardot for some time, explore opportunities to take the platform even further by working with the API.
There are countless processes that can be made more efficient by using tools like Zapier and Tray.io to streamline data transfer across platforms. Ask your team where they are doing manual data entry or doing lots of imports/exports and Excel jockeying. That’s usually a great place to start.
You can also use the API to build custom integrations or run data clean up utilities — for example, fixing capitalization in name values, setting time zones, bucketing picklist values, standardizing state/country values to prevent sync errors between Pardot and Salesforce, creating control groups for A/B testing in Engagement Studio, and more.
2. Audit who is accessing your data via the API regularly.
Were you surprised by who you saw accessing your data when you took a look at your usage metrics? We recommend at least quarterly reviews of this to avoid any surprises.
3. Give every different integration it’s own user.
Yes, creating unique email addresses and Pardot users for each can be a pain. But it’s a free option under the current Pardot licensing — and it’s worth the time spent.
Having separate logins makes figuring out who and what is accessing your data much easier. The audit log and last changed by better reflect what tools are updating your data so you can easily get a feel for how well your tools are working for you.
You can also turn off a specific integration by changing the password if it starts behaving badly without also turning off things that are working correctly and help you run your business.
What questions do you have about the Pardot API?
Are you working on any interesting integrations? Struggling with a unique problem, and wondering if the API can help you solve it? Running up against a platform limit and looking for a workaround?
Let me know in the comments and let’s discuss.