Manage API keys

What is an API key?

An API key is a secure credential your application uses to call KMS. Unlike user accounts, API keys are scoped to specific operations, not tied to any individual person, and revocable at any time without affecting other keys or accounts.

Create a new API key

  1. Click “Create API Key”

  2. Fill in: Key Name (required), Permissions (required), IP Whitelist (optional — recommended for production), Description (optional)

  3. Click Create

Permission

What it allows?

read

Read key details and metadata

create

Create new keys

update

Update key properties and state

rotate

Rotate key versions

encrypt

Encrypt data with keys

dencrypt

Decrypt data with keys

Save your secret — do this now

After creation, the system shows your key’s full secret value once and only once. Click COPY icon before continuing.

IMPORTANT: Once you close this screen, the secret is gone forever. If you lose it, you must revoke the key and create a new one.

Edit and Revoke a key

Click any key to open the detail panel. You can change: Key Name, IP Whitelist, Permissions, Description. You cannot change the Secret Key.

Revoke when a key is no longer needed or may be compromised. Revoked keys cannot be reactivated — create a new one if needed.

Last updated