API keys, secrets, and tokens

Last updated 2 months ago

Was this helpful?

API keys, secrets, and tokens

In Cortex, use , , and to maintain security and access across different features.

Managing API keys in Cortex

You can use API keys to enable programmatic access to all of your data within Cortex, including everything from high-level Scorecard stats to detailed information about specific entities in your catalogs.

For more information on the Cortex API, see the .

Managing API keys via the Cortex API

It is possible to create, read, update, and delete API keys via the Cortex API. Your API token must have the Create API keys permission.

See the for more information.

Managing API keys in the Cortex UI

You must have the Create API keys permission to create or delete API keys or to edit their name or description.

We recommend using the fewest possible permissions based on the purpose of the API key. An API key can have one of the default or can be assigned a . These permissions mirror individual permissions and roles.

Create API key in the Cortex UI

To create a new API key:

Navigate to the
At the top of the page, click Create API key.
Configure the API key:
- Roles: Select a role for the API key.
- Name: Enter a name for the API key.
- Description: Enter a description for the API key.
  - As a best practice, include details about what the API key is used for. This helps ensure that other users will not accidentally delete an important API key.
- Expiration date: Set an expiration date for the API key. The key will expire at the end of the chosen day based on the current time zone.
At the bottom of the modal, click Create API key.

Copy and store the API key

Once you click Create API Key, the full key will be displayed at the top of the page. Copy the key and store it in a secure location, as the key will not be displayed again after you refresh or navigate away from the page.

Cortex will only preserve the last 4 digits of the key for cross-referencing, but the rest of the key will be encrypted.

Modifying an API key

You can update the name and description for an API key after it has been created.

You cannot make changes to the key value itself. If you need to change the key value, you will need to delete it, confirm the deletion, then create a new key. There is no limit to the number of API keys you can create.

To edit an API key's name or description:

Locate the API key you want to edit, then click the edit icon next to that key.
In the modal, make changes to the name and/or description.
Click Update API key.