Scoped API Key FAQ
Read answers to frequently asked questions about our scoped API keys.
Do you have system keys available?
No. We recommend using the following solution:
NOTE: You must have the Account Administrator role or a custom role with Manage Users and Manage Roles permissions on the Free, Standard, Enterprise, or Business Critical plan.
- Create a user account to be used with the scoped API key. Use an email you have access to because you will log in to this account to generate the API key.
  TIP: Name this user account according to the resources and permissions the API key uses, for example: backend-app-key@yourcompany.com.
- Assign the intended role to the user account.
- Log in as the created user and generate a scoped API key and secret as described in our Scoped API Keys documentation.
- Use your relevant key management tooling to store the application-specific key and secret.
- Share the key and secret with the relevant users in your organization.
NOTE: If you need to rotate API keys, we recommend creating another application-specific user with the same permissions and following our rotation procedure.
What happens to existing user API keys?
The existing API keys continue to work and retain their super-admin functionality. We are not invalidating any keys as part of the Scoped API Key feature.
What happens when I delete a user?
The API key becomes invalid. API keys are checked on multiple conditions, including the corresponding user account validity.
How do I revoke a key?
To revoke a key, delete the user.
How do I rotate a key?
Click Generate API key and click through the warning prompts. This will invalidate the previous key.
How do I rotate a key without taking down my application?
Switch from the original key you want to rotate to another user’s key that has the same permissions, rotate the original key, and then switch back.
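
The switch, rotate, switch-back sequence above, as an added example that is not part of this documentation or the product's API: a small in-memory model of the key rules stated in this FAQ (regenerating a key invalidates the previous one, deleting the user revokes the key). The class, function names, role name and second account are assumptions made for illustration.

```python
import secrets

class KeyService:
    """In-memory model of the key rules in this FAQ; not the vendor's API."""
    def __init__(self):
        self.users = {}  # email -> {"role": ..., "key": ...}

    def create_user(self, email, role):
        self.users[email] = {"role": role, "key": None}

    def generate_api_key(self, email):
        # Generating a new key invalidates that user's previous key.
        self.users[email]["key"] = secrets.token_hex(16)
        return self.users[email]["key"]

    def delete_user(self, email):
        # Deleting the user revokes its key.
        del self.users[email]

    def is_valid(self, key):
        # Valid only while it is the current key of an existing user.
        return key is not None and any(u["key"] == key for u in self.users.values())

def rotate_without_downtime(svc, app, primary, standby):
    """Switch to standby, rotate primary, switch back.
    Returns (validity of the app's key after each step, validity of the old key)."""
    if svc.users[primary]["role"] != svc.users[standby]["role"]:
        raise ValueError("standby user must have the same permissions")
    old_key, checks = app["key"], []
    app["key"] = svc.users[standby]["key"]      # 1. switch to the standby key
    checks.append(svc.is_valid(app["key"]))
    new_key = svc.generate_api_key(primary)     # 2. rotate the original key
    checks.append(svc.is_valid(app["key"]))
    app["key"] = new_key                        # 3. switch back
    checks.append(svc.is_valid(app["key"]))
    return checks, svc.is_valid(old_key)

def demo():
    svc = KeyService()
    # Constructed sample accounts and role name.
    for email in ("backend-app-key@yourcompany.com", "backend-app-key-2@yourcompany.com"):
        svc.create_user(email, "read-only")
        svc.generate_api_key(email)
    app = {"key": svc.users["backend-app-key@yourcompany.com"]["key"]}
    return rotate_without_downtime(svc, app, "backend-app-key@yourcompany.com",
                                   "backend-app-key-2@yourcompany.com")

if __name__ == "__main__":
    print(demo())
```

The application holds a valid key after every step, and the original key is invalid once the sequence completes.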