Klaviyo Connector
Connect Klaviyo to Brevo through Tajo to migrate or synchronize marketing data between platforms. Sync profiles, events, lists, segments, flows, and campaign data for a unified multi-channel marketing strategy.
Overview
| Property | Value |
|---|---|
| Platform | Klaviyo |
| Category | Marketing |
| Setup Complexity | Medium |
| Official Integration | No |
| Data Synced | Profiles, Events, Lists, Segments, Campaigns |
| Available Skills | 10 |
| API Standard | JSON:API |
Features
- Profile sync - Bidirectional sync of customer profiles between Klaviyo and Brevo
- Event forwarding - Forward Klaviyo tracked events to Brevo for automation triggers
- List migration - Sync Klaviyo lists to Brevo contact lists
- Segment sync - Export Klaviyo segments as Brevo lists or segments
- Flow data export - Pull flow performance data for cross-platform analytics
- Campaign sync - Coordinate campaigns across Klaviyo and Brevo channels
- Catalog sync - Mirror product catalogs between platforms
- Coupon management - Sync coupon codes and usage data
Prerequisites
Before you begin, ensure you have:
- A Klaviyo account with API access
- A Private API Key with appropriate scopes
- Your Klaviyo Public API Key (6-character company ID)
- A Brevo account with API access
- A Tajo account with API credentials
Authentication
Private API Key
Klaviyo uses private API keys with scoped access for server-side authentication. Set the key in the Authorization header:
curl https://a.klaviyo.com/api/profiles/ \ -H "Authorization: Klaviyo-API-Key your-private-api-key" \ -H "revision: 2026-01-15"API Key Scopes
Configure scopes when creating your private key:
| Scope | Access | Description |
|---|---|---|
profiles | Read/Full | Access contact profiles |
events | Read/Full | Access tracked events |
lists | Read/Full | Access contact lists |
segments | Read | Access segments |
campaigns | Read | Access campaign data |
metrics | Read | Access metric definitions |
flows | Read | Access flow configurations |
catalogs | Read | Access product catalogs |
Public API Key
For client-side tracking, use the 6-character company ID:
curl -X POST "https://a.klaviyo.com/client/events/?company_id=COMPANY_ID" \ -H "Content-Type: application/json" \ -d '{"data": {...}}'OAuth (Partner Integrations)
Klaviyo supports OAuth for tech partners, offering improved security and rate limits:
curl https://a.klaviyo.com/api/profiles/ \ -H "Authorization: Bearer YOUR_OAUTH_TOKEN" \ -H "revision: 2026-01-15"Configuration
Basic Setup
connectors: klaviyo: enabled: true private_api_key: "your-klaviyo-private-key" public_api_key: "XXXXXX" api_revision: "2026-01-15"
# Data sync options sync: profiles: true events: true lists: true segments: true catalogs: false
# Brevo list assignment lists: all_contacts: 20 subscribers: 21 high_value: 22Profile Mapping
Map Klaviyo profile properties to Brevo contact attributes:
profile_mapping: email: email first_name: FIRSTNAME last_name: LASTNAME phone_number: SMS city: CITY region: REGION country: COUNTRY zip: ZIP organization: COMPANY title: JOB_TITLE
# Custom properties lifetime_value: LTV total_orders: ORDER_COUNT last_order_date: LAST_ORDER_DATE preferred_channel: CHANNEL_PREFEvent Mapping
Map Klaviyo metrics to Brevo events:
event_mapping: "Placed Order": "order_completed" "Ordered Product": "product_purchased" "Started Checkout": "checkout_started" "Added to Cart": "cart_updated" "Viewed Product": "product_viewed" "Subscribed to List": "customer_subscribed" "Received Email": "email_received" "Opened Email": "email_opened" "Clicked Email": "email_clicked"API Endpoints
| Method | Endpoint | Description |
|---|---|---|
GET | /api/profiles/ | List profiles |
POST | /api/profiles/ | Create a profile |
PATCH | /api/profiles/{id}/ | Update a profile |
POST | /api/profile-merge/ | Merge duplicate profiles |
GET | /api/events/ | List events |
POST | /api/events/ | Create an event |
GET | /api/lists/ | List all lists |
POST | /api/lists/{id}/relationships/profiles/ | Add profiles to a list |
GET | /api/segments/ | List segments |
GET | /api/campaigns/ | List campaigns |
GET | /api/flows/ | List flows |
GET | /api/metrics/ | List metrics |
POST | /api/metric-aggregates/ | Query metric aggregates |
GET | /api/catalog-items/ | List catalog items |
Code Examples
Initialize Klaviyo Connector
import { TajoClient } from '@tajo/sdk';
const tajo = new TajoClient({ apiKey: process.env.TAJO_API_KEY, brevoApiKey: process.env.BREVO_API_KEY});
// Connect Klaviyo accountawait tajo.connectors.connect('klaviyo', { privateApiKey: process.env.KLAVIYO_PRIVATE_KEY, publicApiKey: process.env.KLAVIYO_PUBLIC_KEY});Sync Profiles to Brevo
// Fetch Klaviyo profiles and sync to Brevoconst response = await fetch('https://a.klaviyo.com/api/profiles/', { headers: { 'Authorization': `Klaviyo-API-Key ${PRIVATE_KEY}`, 'revision': '2026-01-15', 'Accept': 'application/vnd.api+json' }});
const { data } = await response.json();
// Each profile follows JSON:API format// {// "type": "profile",// "id": "01ABCDEF",// "attributes": {// "email": "[email protected]",// "first_name": "Jane",// "last_name": "Kim",// "phone_number": "+15551234567",// "properties": { "lifetime_value": 450.00 }// }// }Create an Event
// Track an event in Klaviyo (forwarded to Brevo via Tajo)await fetch('https://a.klaviyo.com/api/events/', { method: 'POST', headers: { 'Authorization': `Klaviyo-API-Key ${PRIVATE_KEY}`, 'revision': '2026-01-15', 'Content-Type': 'application/vnd.api+json', 'Accept': 'application/vnd.api+json' }, body: JSON.stringify({ data: { type: 'event', attributes: { metric: { data: { type: 'metric', attributes: { name: 'Placed Order' } } }, profile: { }, properties: { OrderId: 'ORD-1234', Value: 89.99, Items: [ { ProductName: 'Widget Pro', Price: 89.99, Quantity: 1 } ] }, value: 89.99 } } })});Query Metric Aggregates
// Get aggregate metric data for reportingawait fetch('https://a.klaviyo.com/api/metric-aggregates/', { method: 'POST', headers: { 'Authorization': `Klaviyo-API-Key ${PRIVATE_KEY}`, 'revision': '2026-01-15', 'Content-Type': 'application/vnd.api+json' }, body: JSON.stringify({ data: { type: 'metric-aggregate', attributes: { metric_id: 'METRIC_ID', measurements: ['count', 'sum_value'], interval: 'day', filter: ['greater-or-equal(datetime,2024-01-01)', 'less-than(datetime,2024-02-01)'] } } })});Rate Limits
| Authentication | Burst Limit | Steady Limit |
|---|---|---|
| Private API Key | 75 requests/sec | 700 requests/min |
| OAuth | 150 requests/sec | 1,500 requests/min |
| Client API | 100 requests/sec | N/A |
| Bulk operations | 10 requests/sec | 100 requests/min |
API Revision Required
All Klaviyo API requests require the revision header set to a valid API version date (e.g., 2026-01-15). Requests without this header will be rejected.
Troubleshooting
| Issue | Cause | Solution |
|---|---|---|
400 Bad Request | Invalid or missing API key | Verify private API key is correct |
403 Forbidden | Insufficient scope | Check API key scopes match required permissions |
Missing revision header | Header not set | Add revision: 2026-01-15 to all requests |
| Profile not found | Wrong identifier | Use Klaviyo profile ID, not email, for lookups |
| Events not syncing | Wrong metric name | Match exact metric names as defined in Klaviyo |
429 Too Many Requests | Rate limit exceeded | Implement exponential backoff, consider OAuth for higher limits |
| JSON:API format errors | Wrong content type | Use application/vnd.api+json for Content-Type and Accept headers |
Best Practices
- Use JSON:API format - Follow JSON:API specification for all request and response payloads
- Set the revision header - Always include the
revisionheader with the latest API version date - Use sparse fieldsets - Request only needed fields with
?fields[profile]=email,first_nameto reduce payload size - Leverage relationships - Use JSON:API
includeparameter to fetch related resources in a single request - Use cursor pagination - Navigate large result sets with
page[cursor]parameter - Implement bulk operations - Use bulk endpoints for batch profile imports and event creation
- Use OAuth for higher limits - OAuth authentication provides 2x higher rate limits than private keys
Security
- Private API key scopes - Granular Read/Full access control per resource type
- OAuth support - Secure token-based authentication for partner integrations
- Public key isolation - Client-side keys limited to create-only operations
- TLS 1.2+ - All API communication encrypted in transit
- SOC 2 Type II - Klaviyo is SOC 2 Type II certified
- GDPR compliance - Data Privacy API for profile deletion requests
Related Resources
Open-Source Implementation Map
This section is derived from official or public repository material discovered for the Klaviyo connector. Use it as the engineering companion to the setup guide above: it shows where the API surface lives, what implementation assets exist, and how Tajo should translate them into reliable Brevo sync behavior.
Repository Snapshot
| Repository | Commit | Languages / formats | Files |
|---|---|---|---|
| klaviyo/openapi | ebc88dd | JSON (434), Markdown (2), license (1) | 437 |
Integration Shape
graph LR Source["Klaviyo API / repository"] --> Auth["Auth and scopes"] Source --> Objects["Objects, events, and schemas"] Auth --> Tajo["Tajo connector runtime"] Objects --> Tajo Tajo --> Brevo["Brevo contacts, attributes, lists, campaigns"] Tajo --> Ops["Backfill, cursor, retries, logs"]What To Reuse
- Klaviyo’s OpenAPI Specification
- Versioned OpenAPI specs for the Klaviyo API. Same source we use for API docs and our SDKs.
- Layout
- | Path | Contents | Use it when |
- |---|---|---|
Tajo Revamp Checklist
- Keep authentication setup aligned with the vendor docs and the public repository’s current API shape.
- Map primary resources into explicit Tajo sync objects with stable external IDs.
- Prefer cursor-based or updated-at incremental sync where the API exposes it; otherwise document the fallback.
- Treat webhook handlers as idempotent and replay-safe, especially for order, contact, ticket, and campaign events.
- Capture pagination, rate limits, retry headers, and partial-failure behavior in connector smoke tests.
- Keep examples small and runnable against sandbox or test-mode accounts.