Honeycomb uses API keys for a number of different purposes. Any programmatic request sent to Honeycomb must use an API key. API keys are set at the Environment level, and apply to all datasets within the Environment.
API keys are managed at the Environment level and found in your Environment Settings. API keys can be created, modified, or deleted only via the UI. You must be a Team Owner to create and edit API keys.
Note: Honeycomb Classic API keys are scoped to all dataset(s) and data in the Classic section. API keys can be created, modified, or deleted only via the UI. Learn more about Honeycomb versus Honeycomb Classic.
An API key can have any number of the following permissions:
send events: Send events to Honeycomb, and so can be used as the API Key for getting data in and for the events API
create datasets: Create and manage datasets via API. Datasets may also be created implicitly: if an event is sent to Honeycomb specifying a non-existent dataset, an event using an API key with this permission will create a new dataset
queries and columns: Create and manage queries, columns, derived columns, and query annotations
markers: Create and manage markers
boards: Create and manage boards
triggers: Create and manage triggers
run queries: Execute existing queries using the Query Data API
SLOs: Create and manage SLOs and their burn alerts
You should use different API keys for different purposes. For example, the API key used to send data in from your production cluster should be different then the API key used for testing; the key used by your build process to create markers should be different from either of those.
Separating these purposes among different API keys allows you to revoke permissions on one key without affecting the abilities of others. It also minimizes the negative effects if a key leaks or is lost.
Did you find what you were looking for?