{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":["admonition"]},"redocly_category":"Products","product_name":"Control Panel","type":"markdown"},"seo":{"title":"About API Keys","description":"Learn about API key types and management in Treasure AI, including Master keys, Write-only keys, and expiration policies.","siteUrl":"https://docs.treasuredata.com","lang":"en-US","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"about-api-keys","__idx":0},"children":["About API Keys"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["API keys authenticate requests to Treasure AI's REST APIs and are required for programmatic access, automations, and workflow operations."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"api-key-types","__idx":1},"children":["API Key Types"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Treasure AI provides two types of API keys:"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Master API key"]},{"$$mdtype":"Tag","name":"br","attributes":{},"children":[]},"Grants full operational access matching your user permission level."]},{"$$mdtype":"Tag","name":"Admonition","attributes":{"type":"warning"},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Keep your Master key secure—Master keys provide both read and write access, so anyone who obtains it could access, corrupt, or delete your data. Never share or expose a Master key."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Write-only API key"]},{"$$mdtype":"Tag","name":"br","attributes":{},"children":[]},"Grants restricted access limited to data ingestion. Use this key when embedding credentials in third-party tools or ingestion libraries to minimize security risk."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["New users receive one of each key type by default. You can generate additional keys or revoke existing ones from the API Keys portal."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"scope-and-applicability","__idx":2},"children":["Scope and Applicability"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["API key expiration applies to ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["all customer-visible API keys"]},", including both Master and Write-only keys."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Internal API keys are ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["not"]}," affected by expiration policies."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Existing workflows, automations, or integrations using an API key will ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["fail"]}," if the key expires. Users are responsible for replacing expired keys in their applications before expiration."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"learn-more","__idx":3},"children":["Learn More"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/products/control-panel/security/api-key/api-key-expiration-policy"},"children":["API Key Expiration Policy"]}," — Configure key rotation and lifespan settings."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/products/control-panel/security/api-key/configuring-expiration-reminders"},"children":["Configuring Expiration Reminders"]}," — Set up automated notifications before keys expire."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/products/control-panel/security/api-key/manually-expiring-api-keys"},"children":["Manually Expiring API Keys"]}," — Immediately deactivate a key without deleting it."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"related-resources","__idx":4},"children":["Related Resources"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/products/control-panel/security/accessing-rest-apis"},"children":["Accessing REST APIs"]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/products/control-panel/security/auditlogs/audit-logs"},"children":["Audit Logs"]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/products/control-panel/security/users"},"children":["Users and Roles"]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/products/control-panel/security/policies"},"children":["Policies"]}]}]}]},"headings":[{"value":"About API Keys","id":"about-api-keys","depth":1},{"value":"API Key Types","id":"api-key-types","depth":2},{"value":"Scope and Applicability","id":"scope-and-applicability","depth":2},{"value":"Learn More","id":"learn-more","depth":2},{"value":"Related Resources","id":"related-resources","depth":2}],"frontmatter":{"seo":{"title":"About API Keys","description":"Learn about API key types and management in Treasure AI, including Master keys, Write-only keys, and expiration policies."}},"lastModified":"2026-06-01T20:51:10.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/products/control-panel/security/api-key","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}