API Terms

This document is rendered from the markdown source used in Bento's public legal repository.

These API Terms apply when you access or use any Bento API, webhook, developer tool, SDK, integration endpoint, sandbox, or related credential that we make available (collectively, the API).

These API Terms supplement Bento's Terms, Acceptable Use Policy, Privacy Policy, and any Subscription Agreement. If there is a conflict between these API Terms and the Terms, these API Terms control only for use of the API. If there is a conflict between these API Terms and a Subscription Agreement, the Subscription Agreement controls for pricing, plan entitlements, committed usage, and other plan-specific commercial terms, and these API Terms control for technical conditions, credentials, security, and permitted use of the API.

1. Access to the API

Subject to your agreement with Bento and your compliance with all applicable laws and our policies, Bento may allow you to access and use the API for your own internal business purposes in connection with the Services.

Your access to the API may be subject to technical documentation, authentication requirements, plan limits, rate limits, fair use standards, and other restrictions that we publish or communicate from time to time.

2. API credentials and security

You are responsible for all API keys, tokens, secrets, webhook signing secrets, and other credentials associated with your account.

You must:

keep API credentials secure and confidential;
use reasonable technical and organisational measures to prevent unauthorised access to the API;
rotate, revoke, or regenerate credentials promptly if they are exposed or compromised;
notify Bento promptly, and where practicable within 24 hours after becoming aware of it, of any suspected or actual compromise involving your API credentials or API access; and
ensure that your employees, contractors, and service providers only access the API on a need-to-know basis and in accordance with these API Terms.

You are responsible for all API activity that occurs using your credentials, whether or not authorised by you, unless caused by Bento's own breach of these API Terms or applicable law.

3. Acceptable API use

You must not use the API to:

exceed or attempt to bypass published or enforced rate limits, concurrency limits, quotas, or authentication controls;
scrape, probe, benchmark, monitor, or test the API in a manner that could impair the Services or be used to build or market a competing product, except to the extent we expressly authorise it in writing;
use the API in a way that materially differs from the documentation, your plan, or the intended design of the relevant endpoint;
cache, mirror, or store API responses longer than reasonably necessary for the permitted purpose of the integration, except where applicable law requires longer retention or Bento expressly permits it;
misrepresent the source of traffic, events, recipients, or messages sent through the API;
transmit malicious code, unlawful content, or data that you are not authorised to submit; or
use the API in any way that violates Bento's Terms, Acceptable Use Policy, or applicable law.

4. Integrations and third-party applications

If you build or operate an application, plugin, connector, or service that interacts with the API, you are responsible for that integration and for any content, data, or actions initiated through it.

You must make any notices, consents, and disclosures required by applicable law for your integration. If your integration collects or receives customer or end-user data, you must maintain an accurate privacy policy and any required contractual terms for your users.

5. Changes to the API

Bento may change, update, limit, suspend, or discontinue any part of the API at any time.

We may release new versions, deprecate older endpoints, require migration to updated authentication methods, or change technical requirements. Where reasonably practicable, we will try to provide advance notice of material deprecations, but we are not liable for changes, downtime, or incompatibilities resulting from API updates, removals, or third-party dependencies.

6. Monitoring and enforcement

We may monitor API usage for security, abuse prevention, performance, billing, capacity planning, and compliance purposes.

We may suspend, throttle, restrict, or terminate API access immediately, with or without notice as permitted by law, if we believe your API use creates legal, security, fraud, spam, abuse, reputational, operational, or deliverability risk, or otherwise violates these API Terms or any other agreement with Bento.

7. No support or maintenance commitment

Unless we expressly agree otherwise in writing, Bento is not required to provide implementation support, custom development, maintenance, migration assistance, or service levels for the API beyond the support included in your plan or otherwise made available by us.

8. Beta and developer preview endpoints

Any beta, preview, alpha, pilot, or experimental API endpoint or developer feature is a Beta Feature under Bento's Terms and may be changed, withdrawn, or unsupported at any time.

9. Termination

Your right to use the API ends automatically when your account or right to use the Services ends, or when Bento suspends or terminates your API access.

On termination, you must stop using the API and, unless applicable law requires otherwise, stop using Bento credentials and any Bento confidential information made available only for API access.

10. Changes to these API Terms

We may update these API Terms from time to time by posting an updated version on our website, through the Services, or by otherwise providing notice to you. Unless we state a different effective date for urgent legal, security, abuse-prevention, or technical integrity reasons, updated API Terms become effective in accordance with Bento's Terms or any longer notice period required by another agreement with you or applicable law.

Last updated: 2026-03-19