API Keys & Access

Sandbox keys are managed in Sandbox Console after Identity sign-in. Production dashboard access and production key issuance are provisioned separately after approval.

Key model

Separate keys by environment and workload.
Apply least-privilege route scope.
Rotate on a fixed cadence and on incident response.

Storage requirements

Store keys only in a secrets manager.
Never commit keys to source control.
Use short-lived deployment injection where possible.

Rotation workflow

Create new key.
Deploy dual-key capable config.
Shift traffic to new key.
Revoke old key and validate no residual usage.

Deprecated

Long-lived shared keys across multiple systems are deprecated practice. Move to per-service scoped credentials.

API Keys & Access​

Key model​

Storage requirements​

Rotation workflow​

API Keys & Access

Key model

Storage requirements

Rotation workflow