Lightrun System API Keys¶
Permissions
Only users with ROLE_MANAGER
permissions can perform these actions.
You can generate and manage private system API keys in the Lightrun Management Portal. These keys are assigned per organization and are essential for configuring SCIM endpoints and Lightrun Prometheus integration. Administrators must generate the keys in the Lightrun Management Server and copy them to the target endpoint during the generation process.
Rules and Limitations¶
- From version 1.47, the Lightrun API Key feature has been updated. API keys can only be copied during generation. To make it easier to distinguish between different API keys, we added an option to set labels. If you have not set a label, only the last three characters of the API are displayed.
- API Keys for Agents Pools use a dedicated mechanism and are managed independently for each Agent Pool. For more information, see Manage Agent Pools.
- API Keys expire automatically after the predefined period you set when initially generating the API Key and can also be deactivated at any time. Note that it is your responsibility to track the validity of the tokens to ensure secure and uninterrupted access.
You have the flexibility to perform various tasks related to API Keys, including:
Generate an API Key¶
- Log in to your Lightrun account.
- Click Settings on the top right-hand of the taskbar to navigate to the Settings dashboard.
-
Select API Keys under Security in the Settings dashboard sidebar.
-
Click Generate an API Key.
-
In the Key label field, enter a descriptive label to help identify the key later. If no label is assigned, the last three characters of the key will remain visible after generation for security reasons.
- (Optional) From the Expiration period list, you can leave the default 90 days or select an alternate range.
-
Click Generate.
The API Key Generated Successfully dialog opens.
8. Click Close.
The key is added to the API keys list.
Revoke and delete an API Key¶
Revoking and deleting API Keys is crucial for system security. Immediately revoke an API key if it's compromised, misused, hits its usage limit, belongs to an inactive user, is obsolete, or needs regular renewal. Once revoked, the API key denies access to the related service.
Warning
When an API Key is revoked, all associated integrations will immediately cease to function. It is crucial to create a new key before removing the existing one, as the removal will render all integrations using this key inoperable.
-
In the row of the required key, click Revoke and Delete.
The Revoke and Delete the API Key dialog opens.
-
Click Revoke and delete.
The key is removed from the list.