Skip to main content

Setting up API Keys and Webhooks

Describes how to create API keys and webhooks for integrating third-party applications with One Church Software.

One Church Software offers an official API (Application Programming Interface) and webhooks for integrating third-party applications with the church database. The API lets a third-party application read and write data on demand, while webhooks send a real-time message to a URL of your choice when certain events happen inside One Church. The initial release of the API provides read-only access to a wide range of modules. Additional endpoints for creating, editing, and deleting records, along with more webhook events, will be added in upcoming releases.

You will need to have the API permission to complete these actions. API and Webhooks are only available on the Plus and Premium plans.

Where to find it

Click the gear icon at the top right of the page (Settings & Tools) and choose API / Webhooks from the Tools/Utilities column.



The page opens with two tabs at the top: API Keys and Webhooks. The View Documentation button at the top of the page opens the full developer reference.

API Keys

An API key authenticates a third-party application as it makes requests to One Church. Each key carries its own permissions, just like a normal user, so you can give an integration only the access it needs.

Important: API keys are like passwords. Keep them in secure server-side code and never share them publicly.

Add an API key

On the API Keys tab, click + Add New. The New API Key window opens with the following fields:

Name - the name of the key. Choose something that makes the integration's purpose obvious (for example, "Mailchimp Sync").

Description - an optional note about what the key is for and which application is using it.

Access - controls what data the key can read and write. Choose one of the four options below.

  • Guest - the same access a typical church member has. Limited to public areas of the system, the person's own profile, and giving history.

  • Super User - unrestricted access, including account billing, subscription, and financial data. Use sparingly.

  • Role Based - choose one or more existing roles. The key gets the combined permissions across all selected roles. Click choose roles to pick them.

  • Custom - set permissions exactly the way you want without using a role. When selected you will see three sub-tabs (Permissions, Campuses, and Custom Fields) where you can fine-tune access.

Click Save when you are done.You will a window titled API Key Successfully Created.

Important: You will not be able to view this API token again once you close the window, so be sure to record it.

Manage existing keys

The API Keys table shows each key's Name, Description, Token, Access level, and who created it. The Token column shows only a short preview of the key for security. To update a key, use the 3-dots menu at the start of the row.

Webhooks

A webhook sends a real-time message from One Church to a URL of your choice when an event happens (for example, when a sermon is added or a record is edited). This lets a third-party application react to changes immediately, instead of polling the API on a schedule.



The Webhooks tab has two sub-tabs:

  • Configuration - where webhooks are created and edited.

  • Activity - a delivery log of every event that has been sent.

Add a webhook

On the Webhooks > Configuration sub-tab, click + Add Webhook. The Add Webhook pop-up opens with two tabs: General and Subscriptions.

On the General tab:

Name - a label for the webhook. Required.

API Key - the API key the webhook will use. Required. Defaults to the first available key.

Callback URL - the URL on the receiving system that One Church will POST event data to. Required.

Send Test - sends a sample event to the Callback URL so the receiver can be checked.

Protect webhook URL with basic authentication? - check the box to require a username and password on the receiving end. Useful when the third-party application supports basic auth.

Email errors to - one or more email addresses to notify when a delivery fails.

On the Subscriptions tab, choose the events the webhook should listen for. At least one subscription must be selected before the webhook can be saved. Use the Filter list below field to search the event list, or use check all / clear all to bulk-select events. Each item in the list represents a system event such as a sermon being added or a record being edited.

Click Add to create the webhook.

Manage existing webhooks

The Configuration sub-tab lists each webhook with these columns: Name, URL, Events (count, click to view the subscriptions), Key, Enabled, and Protected. Use the 3-dots menu at the start of a row to edit or delete a webhook.

View webhook activity

The Activity sub-tab is a log of every webhook delivery. Each row shows the ID, the Event that fired, which Webhook handled it, the Status (HTTP response code from the receiver), the HTTP Method, and the destination URL. Use this view to confirm successful deliveries (status 200) or troubleshoot failures.

API documentation

For full reference details (authentication, available endpoints, request and response formats), click the View Documentation button at the top of the API / Webhooks page. The button opens the official One Church Software API documentation, where a Postman collection is also available so developers can quickly explore the API.

Related Articles
Notification Task
How do I automatically upload sermons to iTunes or another podcast service?
How should I roll out One Church Software to my church?
How do I enable the eSPACE integration?
How does the eSPACE integration work?
Did this answer your question?