API keys are a great way to access your account data programmatically, however, it is important to permission the keys properly. When creating an API key on the API settings page, you will first select the scope of the key. The scope determines which account your key will have access to. Most third party applications require an account-specific key instead of a master-scoped key. The default name of your Gemini account is “Primary”.
Once you select the scope it is important to properly permission the key to only access account data that is necessary. Most tax software only requires view-only access, in that case the “Auditor” role is appropriate. If the third-party is going to be placing trades on your behalf, then the “Trader” role is appropriate. If the third-party is moving funds for you then the “Fund Manager” role allows for crypto movement on your account.
You can also check out our Partners page to see any approved third-party applications.