Best Practices

Operational best practices

These practices keep ProspectB2B integrations safe to operate in production and aligned with the existing platform behavior.

Browse referenceOpenAPI JSONCreate API key
Secret handling
Rotate regularly
Incremental sync
updated_after
Retries
Idempotent writes
Observability
request_id + delivery logs

Security and credentials

  • Rotate API keys on a predictable cadence and revoke unused keys immediately.
  • Keep secrets out of client-side code and browser storage. Store them in server-side secret managers.
  • Validate webhook signatures before parsing or persisting the payload.
  • Do not reuse one broad key across unrelated automations if scopes can be separated.

Sync and retry design

  • Use updated_after plus cursor pagination for incremental lead sync instead of full scans.
  • Send Idempotency-Key on writes so retries stay safe under transport errors and timeout recovery.
  • Persist request_id, response code and key integration context in your logs.
  • Build webhook consumers to be idempotent because deliveries can be retried after non-2xx responses.