Migrate to OAuth from private key authentication

You will learn

If you’re here, it’s likely that your Klaviyo app uses private key authentication. We now require all of our published partners to use OAuth when integrating with Klaviyo. This guide covers how you can migrate and the benefits you’ll get in doing so.

📘

Migrating to OAuth will not break your app. Your integration will continue to work as expected.

Why update to OAuth?

❗️

Your app will be delisted if you do not upgrade to OAuth. Only apps using OAuth will be considered for inclusion in Klaviyo's App Marketplace.

Switching your app from private key authentication to OAuth allows for greater exposure to our customers, simpler integration workflows, and access to all new items our R&D team is developing. Here are some benefits you’ll get from the switch:

• Increased marketplace and in-product visibility

  Maintain exposure to 150,000+ customers by keeping your app listed and discoverable on the App Marketplace. We expect there to be roughly 5-10x more unique visitors to the App Marketplace due to new improvements.

• App-branded event metrics

  Say goodbye to the generic gear icon and get branded exposure on the Klaviyo platform!

• Seamless integration

  Streamline the integration process to as little as a few clicks, ensuring a smooth experience for customers, increasing adoption and satisfaction rates.

• Marketing & enablement opportunities

  Eligibility for inclusion in marketing newsletters and other enablement initiatives.

• Exclusive API access

  Unlock powerful API features, including our Universal Content and Webhooks APIs.

📘

Check out our YouTube video on Why create an app with Klaviyo for more information.

How to migrate to OAuth

If your app was previously published using private key authentication, we estimate that a single engineer will need 1-2 sprints (2-4 weeks) to complete the migration to OAuth. When migrating to OAuth, each step listed below should take roughly 1 week:

1. OAuth implementation
   • Create your OAuth app. Please note that after creation, your app will require at least 5 active users to meet our listing requirements before submission.
   • Ensure you properly handle refresh tokens and token expiration.
   • Start completing our Testing & Review Template .
2. UI and OAuth workflow updates
   • Update your app’s UI/UX to support connecting to Klaviyo with OAuth.
   • Initiate the OAuth authorization/deny/uninstall flows and eliminate the private key connection option in your app.
   • Ensure that your app meets our app listing requirements.
3. Security and documentation
   • Complete the security assessment form and address feedback from our Security and Trust team.
   • Create and update help documentation for your app.
   • Set up and use branding for your app metrics.
4. Review and submission
   • Review our Pass your app review guide to ensure your app follows best practices.
   • Submit your OAuth app for the Klaviyo team’s approval.
   • Respond and update your app based on Klaviyo review feedback.

❗️

Within 3 months of migrating your app to OAuth, you should migrate all customers currently using private key authentication to your OAuth app. This transition will offer enhanced security and an improved product experience for our shared customers.

Additional resources

• Make API calls using OAuth
• Build an OAuth app (Academy course)