Generating new API key

See how to generate new API keys

At Alphamoon Workspace API we use API keys to authenticate requests. Take a look at our step-by-step guide on how to generate your new API key.

Go to Your profile to create API key

In order to create a new API Key sign in to Alphamoon Workspace and enter Your profile:

Below the Personal settings section, you will see another one - Your organization's API Keys:

Click the Create new API Key button and you will see the view below:

Once the window shows up:

  • Enter your API key's name

  • Select API access scopes (determining what actions you can perform within the API - you choose All or select only the ones you need).

  • Select the expiration date of your API key (we recommend changing the API key every 3 to 6 months).

Then click the Confirm button.


Once expired your API key will stop working. Remember to create a new one in advance to ensure your application continues to operate.

When created, your API key will be shown at the top of the section. Metadata about your API key will be added to the table below:


Make sure you save your API key in a safe place right away as you won't be able to view it again.

You can also delete an API Key here by clicking the bin icon.

API key structure

The value of the API key is split by a colon into what we call a user and a pass. Bear in mind that these credentials are not the same as your Workspace login data.


If your API key has the value h12shadjada:13ehjhj1b3j then the value for the user is h12shadjada and the value for the pass is 13ehjhj1b3j.

API Key - Security Rules

To ensure the full security of your API keys as well as your credentials, we recommend you follow these best practices:

  • Keep your API key and credentials confidential: Treat your API key and credentials as sensitive information and avoid exposing them publicly or including them in source code repositories.

  • Use secure communication channels: Always transmit the API key and credentials over HTTPS to prevent eavesdropping or interception.

  • Regularly rotate your API key and credentials: For added security, consider rotating your API key and credentials periodically or whenever there is a potential compromise.

  • Restrict API key and credential permissions: Limit the scope of the API key and credentials by providing only the necessary permissions required for your application.

  • Monitor API key and credential usage: Keep track of API key and credential usage and set up alerts or notifications to identify any suspicious activity.

See next:

Last updated