Honeycomb uses API keys for a number of different purposes. Any programmatic request sent to Honeycomb must use an API key. API keys are set at the team level, and apply to all datasets within the team.
API keys are managed at the team level and found in your Team Settings. API keys can be created, modified, or deleted as necessary. You must be a Team Owner to create and edit API keys.
An API key can have any number of the following permissions:
send events: Send events to Honeycomb, and so can be used as the API Key for getting data in and for the events API
create datasets: Create and manage datasets via API. Datasets may also be created implicitly: if an event is sent to Honeycomb specifying a non-existent dataset, an event using an API key with this permission will create a new dataset
queries and columns: Create and manage queries, columns, derived columns, and query annotations
markers: Create and manage markers
boards: Create and manage boards
triggers: Create and manage triggers
run queries: Execute existing queries using the Query Data API
You should use different API keys for different purposes. For example, the API key used to send data in from your production cluster should be different then the API key used for testing; the key used by your build process to create markers should be different from either of those.
Separating these purposes among different API keys allows you to revoke permissions on one key without affecting the abilities of others. It also minimizes the negative effects if a key leaks or is lost.