> ## Documentation Index
> Fetch the complete documentation index at: https://docs.firstresonance.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Build a production integration

> Take an integration from your first API call to production.

This is the GraphQL API path to an integration. For other approaches, such as the Workflow Builder, see [Create an integration](/automate-with-ion/integrations/create-an-integration). Once your first calls work (see [Getting started](/api-reference/getting-started)), follow this path to take an integration to production.

## Get access

For your own org, ask an admin for access to your [sandbox](/api-reference/sandbox). For an external org, that org grants you access to their environment.

<Warning>
  Gov Cloud is restricted to US persons only. If you're a non-US person building for a Gov Cloud organization, use your own ION sandbox and grant access to other domains instead.
</Warning>

<Note>
  If your organization doesn't have a sandbox yet, reach out to First Resonance to request one.
</Note>

## Set permissions

An admin grants the permissions your integration needs. An API key holds the permissions its creating user had **at the moment it was generated**. Set those permissions first. See the [permissions reference](/administration/users-and-permissions/overview#permissions-reference), [Manage API keys](/api-reference/authentication/api-keys), and [Webhooks](/api-reference/guides/webhooks).

## Connect

Obtain an access token ([Authentication](/api-reference/authentication/overview)) and subscribe to the events you care about ([Webhooks](/api-reference/guides/webhooks)). You can build the integration in a traditional environment such as Python or Node.js, or in a low-code iPaaS tool.

## Map the flow

List the triggers, steps, and API calls your integration needs. Configure any new [custom attributes](/administration/custom-attributes) to represent data that doesn't have a home in ION yet.

<Note>
  Every unique mutation in ION has an associated permission. Use the [API playground](/api-reference/playground) to confirm which permissions a call requires before you build.
</Note>

## Test and promote

Validate your edge cases against the sandbox, then roll out to production. The production environment needs its own set of API keys and webhook receivers.

## Related

* [Getting started](/api-reference/getting-started)
* [Authentication](/api-reference/authentication/overview)
* [Set up webhooks](/api-reference/guides/webhooks)
