Resources/The Agent API Atlas/Data/Hightouch

Everything an AI agent can do with the Hightouch API.

A reference guide for building AI agents: every method, how to authenticate, and the permissions each one needs.

Endpoints19

API versionv1

Last updated23 June 2026

Orientation

How the Hightouch API works.

The Hightouch API is how an app or AI agent works with a Hightouch workspace: listing sources and destinations, reading and creating models, and triggering a sync that moves warehouse data into a connected tool. Access is granted through a workspace API key, which an admin creates and which carries read and write access to that whole workspace, with no narrower per-method permissions. Every endpoint sits under one URL version, and changes ship through the changelog rather than a new version string.

19Endpoints

5Capability groups

9Read

10Write

0Permissions

Authentication

Every call needs a workspace API key, created by an admin under Settings and sent as 'Authorization: Bearer '. The key is shown only once at creation. A key created by a non-admin user fails with an authentication error. There is one key type, and it is scoped to a single workspace.

Permissions

Hightouch API keys are workspace-level and carry no granular per-endpoint scopes. A valid key has read and write access to every source, model, destination, and sync in its workspace, and can trigger any sync. There is no way, inside Hightouch, to limit a key to read-only, or to one sync, or to a single resource type, so the boundary is the workspace, not the method. This is why per-agent control has to come from a layer in front of the key.

Versioning

The API carries one URL version, v1, in the path of every endpoint, such as /api/v1/syncs. Hightouch does not mint a new dated version string for changes; new endpoints and behavior ship through the changelog while the v1 path stays in place.

Data model

The API is resource-oriented JSON over HTTPS at https://api.hightouch.com under /api/v1. The core resources are sources (connected warehouses), models (the queries that pick rows), destinations (the tools data is sent to), and syncs (which map a model into a destination). Triggering a sync starts a run, and each run records the rows queried, added, changed, and removed.

Connect & authenticate

Connection & authentication methods.

How an app or AI agent connects to Hightouch determines what it can reach. There is one route, the REST API, and it is governed by the workspace API key behind every call.

Ways to connect

REST API

The REST API answers at https://api.hightouch.com under the /api/v1 path. It lists and manages sources, models, destinations, and syncs, and triggers sync runs.

Best forConnecting an app or AI agent to Hightouch.

Governed byThe workspace API key behind every call.

Docs ↗

Authentication

Workspace API key

A workspace API key is created by an admin under Settings, shown once, and sent as a bearer token on every request. It grants read and write access across the whole workspace, with no narrower per-endpoint permissions, and it is shared by the whole workspace rather than tied to one user.

TokenWorkspace API key (bearer)

Best forProgrammatic access to a Hightouch workspace

Docs ↗

Capability map

What an AI agent can do in Hightouch.

The Hightouch API is split into areas an agent can act on, like sources, models, destinations, and syncs. Each area has its own methods, and triggering a sync moves real data from a warehouse into a connected destination.

Syncs

6 endpoints

List, read, create, and update syncs, and trigger a sync to move data into a destination.

Triggering a sync pushes real data into a live destination.

View endpoints →

Sync runs

1 endpoint

List the runs of a sync and read the rows queried, added, changed, and removed in each one.

Reads here expose the data a sync moved.

View endpoints →

Models

4 endpoints

List, read, create, and update the models that define which warehouse rows a sync sends.

Writes here change which data syncs send.

View endpoints →

Sources

4 endpoints

List, read, create, and update the warehouses and databases connected as data sources.

Writes here change connected data warehouses.

View endpoints →

Destinations

4 endpoints

List, read, create, and update the external tools that syncs deliver data into.

Writes here change where data is delivered.

View endpoints →

Endpoint reference

Every Hightouch API method.

Filter by method, access, or permission, or search any path. Select a row for version detail, rate limits, the related webhook event, and the source.

Hide deprecated

Method	Endpoint	What it does	Access	Permission	Version
Syncs List, read, create, and update syncs, and trigger a sync to move data into a destination.6
GET	`/api/v1/syncs`	List the syncs in the workspace.	read	—	Current
A Hightouch API key is workspace-level and carries no per-endpoint scope, so any valid key in the workspace can call this. Acts onsync Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/v1/syncs/{id}`	Get a single sync by its id.	read	—	Current
The workspace API key carries no per-endpoint scope. Acts onsync Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/api/v1/syncs`	Create a sync that maps a model's rows into a destination.	write	—	Current
Any valid workspace API key can write here; Hightouch has no narrower per-method permission. Acts onsync Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PATCH	`/api/v1/syncs/{id}`	Update a sync's configuration, such as its schedule or field mappings.	write	—	Current
Any valid workspace API key can write here. Acts onsync Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/api/v1/syncs/{id}/trigger`	Trigger a run of a sync, optionally as a full resync.	write	—	Current
The fullResync field, when true, resyncs every row in the model rather than only the rows that changed. Any valid workspace API key can call this. Acts onsync Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/api/v1/syncs/trigger`	Trigger a sync run by passing the sync id or slug in the body, optionally as a full resync.	write	—	Current
Accepts a syncId or a syncSlug so a run can be started from a stable name. Any valid workspace API key can call this. Acts onsync Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Sync runs List the runs of a sync and read the rows queried, added, changed, and removed in each one.1
GET	`/api/v1/syncs/{id}/runs`	List the runs of a sync, each with its status and the rows queried, added, changed, and removed.	read	—	Current
A run records whether a sync succeeded and how many records it moved. The workspace API key carries no per-endpoint scope. Acts onsync run Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Models List, read, create, and update the models that define which warehouse rows a sync sends.4
GET	`/api/v1/models`	List the models in the workspace.	read	—	Current
A model is the query that defines which warehouse rows a sync sends. The workspace API key carries no per-endpoint scope. Acts onmodel Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/v1/models/{id}`	Get a single model by its id.	read	—	Current
The workspace API key carries no per-endpoint scope. Acts onmodel Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/api/v1/models`	Create a model that defines a set of rows from a source.	write	—	Current
Any valid workspace API key can write here. Acts onmodel Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PATCH	`/api/v1/models/{id}`	Update a model's query or configuration.	write	—	Current
Changing a model changes which rows every sync built on it sends. Any valid workspace API key can write here. Acts onmodel Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Sources List, read, create, and update the warehouses and databases connected as data sources.4
GET	`/api/v1/sources`	List the data sources connected to the workspace.	read	—	Current
A source is a connected warehouse or database. The workspace API key carries no per-endpoint scope. Acts onsource Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/v1/sources/{id}`	Get a single source by its id.	read	—	Current
The workspace API key carries no per-endpoint scope. Acts onsource Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/api/v1/sources`	Create a source by connecting a warehouse or database.	write	—	Current
Connecting a source sets up access to a warehouse's data. Any valid workspace API key can write here. Acts onsource Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PATCH	`/api/v1/sources/{id}`	Update a source's connection settings.	write	—	Current
Any valid workspace API key can write here. Acts onsource Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Destinations List, read, create, and update the external tools that syncs deliver data into.4
GET	`/api/v1/destinations`	List the destinations connected to the workspace.	read	—	Current
A destination is an external tool a sync delivers data into. The workspace API key carries no per-endpoint scope. Acts ondestination Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/v1/destinations/{id}`	Get a single destination by its id.	read	—	Current
The workspace API key carries no per-endpoint scope. Acts ondestination Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/api/v1/destinations`	Create a destination by connecting an external tool.	write	—	Current
Any valid workspace API key can write here. Acts ondestination Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PATCH	`/api/v1/destinations/{id}`	Update a destination's connection settings.	write	—	Current
Any valid workspace API key can write here. Acts ondestination Permission (capability)None required VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗

No endpoints match those filters.

Webhooks

Webhook events.

Hightouch does not deliver events to an app or AI agent through the management API. To follow a sync, an agent reads its runs and their status, and the platform can post sync status to a destination such as Slack through a separate alerting feature.

Event	What it signals	Triggered by

No events match that search.

Rate limits & pagination

Rate limits, pagination & request size.

Hightouch limits how fast an app or AI agent can call, through a single per-workspace request quota that every API key in the workspace shares.

Request rate

Hightouch sets one primary limit of 200 requests per 10 seconds per workspace. Because the limit is per workspace, every API key in that workspace draws from the same quota, so several agents calling at once share it. Going over returns 429 Too Many Requests, so a caller should pace its requests and retry after a short pause.

Pagination

List endpoints return the resources in a workspace. Where a list is long, Hightouch returns it in pages, so a caller follows the pages rather than expecting a single response to hold everything.

Request size

Requests and responses are JSON over HTTPS. A trigger call carries only a small body, such as the fullResync flag, while a model or sync configuration is larger but still well within ordinary request sizes.

Errors

Status codes & error handling.

The status codes an agent should handle, and what to do about each.

Status	Code	Meaning	What to do
401	`Authentication error`	The API key is missing or invalid, or the key's creator is not an admin of the workspace. The body returns a message and details, such as 'No user found'.	Send a valid key in the Authorization header, created by an admin user of the workspace.
404	`Not Found`	The sync, model, source, or destination id does not exist in the workspace the key belongs to.	Confirm the id is correct and belongs to the same workspace as the API key.
429	`Too Many Requests`	The workspace exceeded the rate limit of 200 requests per 10 seconds, which every key in the workspace shares.	Slow the request rate and retry after a short pause; the quota is per workspace, so coordinate across all keys.

Versioning & freshness

Version history.

Hightouch carries one URL version, v1, in the path of every endpoint. Changes ship through the changelog rather than a new dated version string.

Version history

What changed, and when

Latest versionv1

v1Current version

REST API for sources, models, destinations, and syncs

The v1 REST API lets a caller list and inspect sources, destinations, models, and syncs, and trigger sync runs, authenticated with a workspace API key. It carries the v1 version in the path of every endpoint, and Hightouch ships later changes through the changelog rather than a new dated version string.

What changed

Endpoints to list, read, create, and update sources, models, destinations, and syncs
Trigger a sync run by id, or by id or slug, with an optional full resync
List the runs of a sync with their status and record counts

2025-07-15Feature update

Identity Resolution run status API added

Hightouch added an API endpoint to fetch the run status and metadata of an identity resolution graph, so a caller can monitor a job's progress and trigger downstream work when it finishes. It is part of the same v1 API and uses the same workspace API key. It was published on 15 July 2025.

What changed

New endpoint to read the run status and metadata of an identity resolution graph
Lets a caller monitor identity resolution progress and orchestrate downstream steps

An integration calls the v1 path and tracks changes through the changelog.

Hightouch changelog ↗

Questions

Hightouch API, answered.

How do I authenticate with the Hightouch API?+

Create an API key in the workspace under Settings, on the API keys tab, which only an admin can do. The key is shown once, so it must be copied then. Send it on every request as 'Authorization: Bearer '. A key created by a non-admin user returns an authentication error such as 'No user found'.

What can an API key access, and can I limit it?+

A Hightouch API key is workspace-level. It has read and write access to every source, model, destination, and sync in that workspace, and can trigger any sync. Hightouch does not offer narrower per-endpoint scopes or read-only keys, so a key cannot be limited to one sync or to reads alone inside Hightouch. Narrowing what a given agent can do has to be enforced by a governing layer in front of the key.

What are the rate limits?+

The limit is 200 requests per 10 seconds per workspace. It is counted per workspace, not per key, so every API key in the workspace shares the same quota and parallel callers add up against it. Exceeding the limit returns 429 Too Many Requests, so a caller should pace its requests and retry after a short pause.

How do I trigger a sync, and what is a full resync?+

Send a POST to /api/v1/syncs/{id}/trigger, or to /api/v1/syncs/trigger with the sync's id or slug in the body. By default a run sends only the rows that changed since the last run. Setting fullResync to true makes the run send every row in the model again, ignoring what was synced before.

Does Hightouch send events or webhooks to my app?+

The management API does not push events to a caller. To follow a sync, an agent reads its runs through /api/v1/syncs/{id}/runs and checks their status. Separately, Hightouch can post sync alerts to destinations such as Slack or email through its alerting feature, which is configured in the product rather than through this API.

Does Hightouch have an MCP server?+

Hightouch does not publish a first-party Model Context Protocol server for its management API. It does publish documentation files for AI tools, an index at /docs/llms.txt and the full text at /docs/llms-full.txt, plus a skill file, so an agent can learn the REST API. To act on a workspace, an agent calls the REST API directly.

What is Bollard AI?

Control what every AI agent can do in Hightouch.

Bollard AI sits between a team's AI agents and Hightouch. Grant each agent exactly the access it needs, read or write, resource by resource, and every call is checked and logged.

Set read, write, or full access per agent, never a shared Hightouch API key.
Denied by default, so an agent reaches only what has been explicitly allowed.
Every call recorded in plain English: who, what, where, and the decision.

Control Hightouch access in Bollard Browse all APIs →

Hightouch

Data Agent

Read syncs and runs ResourceOffReadFull use

Trigger a sync ActionOffReadFull use

Create models ResourceOffReadFull use

Per-agent access, set in Bollard AI, not in Hightouch

How the Hightouch API works.

Connection & authentication methods.

REST API

Workspace API key

What an AI agent can do in Hightouch.

Syncs

Sync runs

Models

Sources

Destinations

Every Hightouch API method.

Syncs

Sync runs

Models

Sources

Destinations

Webhook events.

Rate limits, pagination & request size.

Request rate

Pagination

Request size

Status codes & error handling.

Version history.

What changed, and when

Hightouch API, answered.

More data API guides for agents

Fivetran

Databricks

Snowflake

dbt

BigQuery

Supabase

Control what every AI agent can do in Hightouch.