API Keys are automatically generated when you create Datasets, or may be manually added within the API Keys panel.
You may want to roll an API key if it is compromised and you need to block it and generate a new one. When rolling an API key, you can choose to block the old key immediately or allow it to work for a limited time interval, providing you with time to make the transition.
When you Roll an API Key, there is no need to regenerate the Primary Key. The replacement API Key Credentials will automatically be associated with the original Primary Key.
You may also want to add new API Keys for each new server you need to encrypt or decrypt data on securely with your Applications. Likewise, you may want to delete API Keys when they are no longer needed.
- On the left side menu click API Keys.
- The API Keys panel appears showing all API Key(s) generated via the Dataset Creation Wizard, or manually added within the API Keys panel.
- Edit, Delete, Disable or Roll an API Key by selecting the three dots (...) at the end of every row.
- If you select Roll API Key, then you will be presented with an additional Roll API Key panel.
- Select the expiration date followed by pressing the Roll API Key button. You will be required to authenticate with your authenticator application one-time passcode to complete the action.
- Add new API Keys by selecting the + Create New API Keys button located at the right of the API Keys panel.
- You will then be presented with a New API Key panel where you can enter a Name, Description, and IP Range allowed for the new API Key.
- Next, click Create API Key, acquire your API Key Credentials by clicking the Copy button, and select the Dataset(s) that you want to associate the new key with. It is very important that you save the API Key Credentials so that you’ll have them available for use. These credentials will not be accessible later if you Close the create panel without copying them.
Confidentially of these API Key Credentials is critical to protecting encrypted data. For these reasons, the Credentials should be stored in a well-managed and backed up secret management server or password vault.
Updated 6 months ago