Connect Klaviyo with a private API key

What this is: a 2-minute walkthrough for creating a read-only Klaviyo private API key, then pasting it into Admaxxer to overlay email and SMS revenue on top of your Meta and Google acquisition cohorts. The key is read-only by design — Admaxxer never sends emails or modifies flows.

Why read-only (we never send emails)

Step 1 — Open Klaviyo Settings (~15 sec)

  1. Sign in to klaviyo.com with an admin account on the workspace whose data you want to track.
  2. Click your account avatar (bottom left) > Settings. (Klaviyo also calls this Account in some plans — same destination.)

Step 2 — Go to API Keys (~10 sec)

  1. In the left sidebar of Settings, click API Keys.
  2. You'll see two sections: Public API Key (a 6-character ID, used by Klaviyo's JavaScript pixel — not what we want) and Private API Keys.

Step 3 — Create a private API key (~30 sec)

  1. In the Private API Keys section, click Create Private API Key.
  2. Name it Admaxxer Read Only. The name shows up in Klaviyo's audit log so you can quickly identify which integration is calling.

Step 4 — Set read-only scopes (~30 sec)

Klaviyo asks for either Full Access or Custom Key. Pick Custom Key and grant the following scopes — all Read-Only, none Full or Read/Write:

ScopeAccessWhy we ask
CampaignsRead-OnlyPull campaign send history + click/open metrics for cohort overlay.
FlowsRead-OnlyPull flow definitions + per-message stats for flow-level attribution.
ProfilesRead-OnlyMatch Klaviyo profile IDs to Admaxxer visitor IDs for revenue attribution.
MetricsRead-OnlyRead placed-order, viewed-product, and other metric events.
EventsRead-OnlyStream event-level data (sends, opens, clicks, conversions) for cohort joins.
SegmentsRead-OnlyRead segment definitions and counts for audience-level reporting.

Don't grant Full Access or any Read/Write scope. Admaxxer doesn't need them; the only effect would be to widen the blast radius if the key leaked.

Step 5 — Copy and paste into Admaxxer (~30 sec)

  1. Click Create. Klaviyo shows the key once, formatted like pk_abc123.... Copy it now — if you close the modal, you'll need to delete and recreate the key (Klaviyo never shows it again).
  2. Back in Admaxxer, open Integrations › Klaviyo.
  3. Paste the key in the Private API Key field.
  4. Click Connect. Admaxxer validates the key, hits the Klaviyo API, and shows you a green "Connected" badge plus your last-30-days Klaviyo-attributed revenue within seconds.

No expiry — rotate when you want

Klaviyo private API keys do not expire. They stay valid until you delete them in Settings > API Keys. Best practice: rotate annually as part of your security hygiene — create a new key, paste it in, then delete the old one.

For the authoritative reference, see Klaviyo's official Retrieve API credentials doc.

Security — how Admaxxer stores your key

FAQ

Q: Will Admaxxer ever send emails on my behalf?

No. The integration is strictly read-only. We don't request the Templates Read/Write or Campaigns Read/Write scopes that would be needed to send. If we ever ship a "send from Admaxxer" feature, you'd be asked to re-authorize with broader scopes — and that re-auth would be opt-in.

Q: Will using this slow down my Klaviyo dashboard?

No. Klaviyo's API has its own rate limits separate from your dashboard. Admaxxer pulls every 15 minutes with conservative concurrency — far below the per-account quota. You'll never notice it.

Q: Do I need a Klaviyo paid plan?

No — private API keys are available on every Klaviyo plan, including the free tier (up to 250 active profiles). The integration works the same regardless of plan.

Related

Klaviyo integration overview · Connect Meta Ads (paste-token) · Connect Google Ads (refresh token) · Documentation home