Security and API keys
Which API key and credentials should I use?
Which API key and credentials should I use?
Each company receives a company ID and a VH3 API key during onboarding. Admin users can generate and manage API keys from the VH3 Connect dashboard. The key is issued by VH3 and scopes access to your organisation.For intelligence endpoints, pass the API key alongside your company ID in the request body. For BigChange proxy endpoints, send it in the
X-API-Key header. For interactive apps, users log in with email and password and all client calls use a short-lived JWT — no API key in client-side code.See Authentication for exact request shapes and examples.Are sentinel alerts generated by AI?
Are sentinel alerts generated by AI?
Sentinel detection uses structured analytics on the operational model, keeping AI cost near zero at the watch layer. When a sentinel triggers, the result can be enriched with an AI-generated narrative so downstream agents and automations have context. Connie and email enrichment use LLMs where configured.
What about PII?
What about PII?
Enrichment pipelines normalise and, where appropriate, strip PII from text destined for semantic search. Contact records in the platform may hold PII for operational matching and are accessed only through authenticated VH3 surfaces. For contractual detail on data residency and processing, ask for your data processing agreement.