WHMCS 7.4 introduced API Roles, giving you more control over your API users and permissions.
With API Roles, you can create API Credential pairs that are limited to specific actions.
As more and more third party integrations that leverage our API get created, and as our customer’s use of the API’s becomes more and more advanced, we wanted to provide a robust way of securing access to the API in a way that was fully backwards compatible for existing API integrations. The answer, API Roles.
An API role can permit access to one or more API actions, and each API Credential can be assigned to one or more API Roles. When an API request is made, if any role assigned to the credential provides permission to the requested action, the request will be authorized and allowed to complete.
Creating an API Role is super easy too. Simply navigate to Setup > Staff > Manage…