Best Practices for API Keys | Honeycomb

Best Practices for API Keys

We recommend that you follow certain best practices when using API Keys.

Use API Key types appropriately 

We recommend using Ingest Keys to send data to Honeycomb, and Management and Configuration keys to manage your Honeycomb resources.

Ingest Keys 

We recommend using Ingest API Keys to send data to Honeycomb. They are specialized, environment-scoped keys, which are designed to securely transmit telemetry data, including the optional creation of new datasets.

Ingest Keys have the following properties:

  • Limited permissions: Can only be used to write telemetry data, and optionally create new datasets.
  • Immutable: Once created, their permissions cannot be altered, which makes them the safest option for client-side instrumentation.
  • Can be deleted: These keys can be temporarily disabled or permanently deleted, which help users manage clutter and adhere to certain compliance standards.

Management Keys 

Management API Keys allow you to manage API keys at the Team level, which includes all API keys for the Environments associated with your team. Each key has a set of scopes, which can not be altered once the key has been created. Currently only managing the API Keys in an Environment is supported.

Configuration Keys 

Configuration API Keys allow you to manage resources in your Environment, such as Boards, Columns, Markers, Triggers, and SLOs. Their permissions can be modified after their creation, and while they can be granted the permission to send events it is recommended that Ingest API Keys be used for that purpose.

Use different API keys for different purposes 

For example, the API key used to send data in from your production cluster should be different from the API key used for testing; the key used by your build process to create markers should be different from either of those.

Separating these purposes among different API keys allows you to revoke permissions on one key without affecting the abilities of others. It also minimizes the negative effects if a key leaks or is lost.