You can use API keys to enable programmatic access to all of your data within Cortex, including everything from high-level scorecard stats to detailed information about specific services within your catalog.

You can access API Keys in settings.

Note: Only admins have the ability to access this page and create API keys.

Creating an API key

To create a new API key, select Create API key.

This will open a modal for you to enter the API key’s role and description.

Roles

An API key can have one of three roles: viewer, user, or admin. These permissions mirror individual permissions—viewer is a read-only role; user has the ability to modify and create services; and admins can modify and create scorecards, in addition to all other actions. In the case of APIs, there is no manager role because managers possess all of the same relevant abilities as admins.

When creating an API key, you should use the fewest possible permissions. For example, if you’re using an API for data gathering or research, you’ll designate that API as a viewer. The vast majority of your API keys will require viewer or user permissions — the user role covers creating/editing services, creating/editing teams, and adding custom data into Cortex. If you’re creating/editing scorecards or managing integrations, the API key will need admin permissions.

Description

The modal will prompt you to include a short description. Although this is optional, it is strongly recommended that you write some detail about what the API key is used for. This not only makes it easier to rotate API keys and conduct tests, but it also ensures that no one will delete an important key.

Copy and store

Once you click Create API Key, you’ll be provided with the full key at the top of the page. As soon as you refresh or leave the page, the key will disappear, so it is crucial that you copy your API key before moving on. Cortex will only preserve the last 4 digits of the key for cross-referencing, but the rest of the key will be encrypted. This is also why the description is so important.

Once you create an API key, you will not be able to make changes to it later on. If you need to modify a key, you will need to delete it and re-create it. You can delete an API key by clicking the trash can icon. You’ll be prompted to confirm this decision, so you don’t have to worry about accidentally deleting an API key.

There is no limit to the number of API keys you can create, so you can create as many as you need. You can access all of our API docs here.