Managing API Keys
Viewing API Keys
When you navigate to the API section, you’ll see a table listing all your API keys. Each row contains:
- API Key ID: Unique identifier for your key
- API Key: The masked key value
- Status: Current state (ACTIVE/INACTIVE)
- Last Used: Timestamp of last usage
- Risk Profile: Associated profile settings
- Actions: Edit and delete options
Creating a New API Key
Follow these steps to generate a new API key:
- Click the “Create New API Key” button in the top right corner
- Select a Risk Profile from the dropdown (Optional)
- Click “Create API Key” to generate
Important
After creation, make sure to:
- Store it securely
- Copy the API key value by clicking on the Copy Icon.
Updating API Key Settings
To modify an existing API key:
- Find the target key in the table
- Click the edit (pencil) icon in the Actions column
- Modify the available settings:
- Risk Profile association
- Key status
- Save your changes
Deleting an API Key
To remove an API key:
- Locate the key in the API keys table
- Click the delete (trash) icon
- Confirm deletion in the warning dialog
- Click “Delete” to permanently remove the key
Warning
- Deletion is permanent and cannot be undone
- All services using this key will stop working immediately
- Make sure to update any applications using the deleted key
API Key Status
Your API keys can have the following statuses:
| Status | Description |
|---|---|
| ACTIVE | Key is working and can make API calls |
| INACTIVE | Key is temporarily disabled |
| EXPIRED | Key has reached its end date |
Best Practices
-
Regular Rotation
- Rotate keys periodically for security
- Create new keys before deleting old ones
- Update applications with new keys gradually
-
Access Control
- Use different keys for different applications
- Assign appropriate Risk Profiles to each key
- Monitor “Last Used” timestamps regularly
-
Security
- Never share API keys publicly
- Store keys in secure environment variables
- Delete unused or compromised keys immediately