What the API Keys Page Shows
The page shows a table of existing keys across the account, including:- Name
- Key prefix
- Project
- Status
- Scopes
- Expiration
- Last used
- Created date
Creating a Key
Click Create API Key to open the creation dialog. When creating a key, you choose:- A friendly name
- The project the key should access
- An optional expiration
- The allowed API scopes
Scopes
API keys can be left broad or narrowed to specific endpoint groups. Use scopes when you want to:- Limit a BI dashboard to read-only visibility data
- Restrict automation to actions or webhook management
- Give an agent the smallest access surface it needs
Updating and Revoking Keys
From the table you can:- Open the Scopes dialog to narrow or expand endpoint access
- Revoke a key you no longer trust or need
Expiration
Keys support optional expiration windows such as:- No expiration
- 30 days
- 60 days
- 90 days
- 180 days
- 1 year
Permissions
Only team members with thesettings.manage permission can manage API keys.
Best Practices
- Create separate keys for separate systems
- Name keys after the integration that owns them
- Prefer scoped keys over full-access keys
- Use expiration for temporary access
- Revoke keys immediately when an integration is retired
Next Steps
- Authentication - Learn how to use keys in requests
- MCP Server - Connect agent tooling with scoped keys
- Agent Activity - Audit how keys are being used