# Create An API User

Go to **Admin | Users** and click the *green* **Add User** button:

<figure><img src="https://3790748257-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FT43PzcNjyZtWby9yrGd3%2Fuploads%2FLKYWBWBs8GSXl5WUlqw7%2Fimage.png?alt=media&#x26;token=d19b5b8e-c311-47b5-a3d6-3c0d9ae1bc98" alt=""><figcaption></figcaption></figure>

&#x20; &#x20;

**Create New User:**

<figure><img src="https://3790748257-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FT43PzcNjyZtWby9yrGd3%2Fuploads%2FsGaPV5Q9keqJTWLUADWo%2Fimage.png?alt=media&#x26;token=450f0747-940a-4baa-b1e6-13666c5b1906" alt=""><figcaption></figcaption></figure>

**Username:** Desired username for user (loginId on API requests)

**Email:** Email address for user (optional)

**Access Level:** Select 'Api User'

**Password:** Desired password **\*Note:** **The password must not have an "&" sign on it.** (password on API requests)

**Confirm:** Confirm Password

{% hint style="danger" %}

#### **IP Whitelist** <a href="#createanapiuser-ipwhitelist" id="createanapiuser-ipwhitelist"></a>

**For each API user that is created, you will need to whitelist the IP of the server making the API calls to CheckoutChamp.**

**Alternatively, you can enter AWS, GOOGLE, AZURE, CLOUDFLARE or DIGITAL\_OCEAN to whitelist the entire range used by those services**
{% endhint %}

{% hint style="warning" %}
***NOTE: API Users cannot log into the CRM. They can only send API calls to your instance.***
{% endhint %}