Service API Keys
Overview
Section titled “Overview”Service API Keys are infrastructure-level credentials used to authenticate micro-services and platform integrations at the system layer — distinct from tenant-scoped API keys managed by Tenant Admins. These keys authorize service-to-service communication and external system access at the platform level.
Access & Permissions
Section titled “Access & Permissions”| Role | Access Level |
|---|---|
| Tenant Admin | No access (see Settings > Data & Monitoring > API Keys for tenant-level keys) |
| Account Admin | No access |
| Super User | Full access |
Visibility Conditions
Section titled “Visibility Conditions”Visible to Super Users only.
Key Features
Section titled “Key Features”- Key Generation — Generate new service-level API keys with a descriptive name, assigned service scope, and optional expiry.
- Service Binding — Bind a key to a specific registered micro-service to restrict its usage to that service’s API surface.
- Key Rotation — Generate a new key and deprecate the old one with a configurable overlap window to ensure zero-downtime rotation.
- Revocation — Immediately revoke any key to block access in the event of a suspected compromise.
- Usage Monitoring — View the last-used timestamp and request count for each active key.
:::tip TODO
- Provide a guide on the key rotation procedure for production services.
- Document the authentication header format for service-to-service API calls.
- Add a security best-practice guide for managing infrastructure keys. :::