Generating new API key

See how to generate new API keys using Alphamoon

At Alphamoon we use API keys to authenticate requests. In this step-by-step guide, we'll explain how to generate your new API key for the organization or the single process.

Create organization API key

To create a new API key for your organization, sign in to Alphamoon and go to Settings:

Settings

Next, choose the API key tab in the left-hand navigation panel:

API keys

Now, click the +Create new API key button on the top-right:

Create new API key button

Once the modal shows up:

• Enter your API key's name

• Select API access scopes (determining what actions you can perform within the API - you choose All or select only the ones you need).

• Select the expiration date of your API key (we recommend changing the API key every 3 to 6 months).

Then click the Create button.

Once you create a new API key, make sure you save it in a safe place right away as you won't be able to view it again:

Save your new API key

Note:

Once expired your API key will stop working. Remember to create a new one in advance to ensure your application continues to operate.

You can remove an API key by clicking the three dots next to the given API key and selecting Delete:

Delete API key

Create process API key

To create a new API key for your organization, first enter one of your processes in the Dashboard:

Dashboard

Next, click the Configuration button:

Queue - Configuration button

Once you enter the Configuration, select the API keys tab in the left-hand navigation panel:

API keys tab

Now, click the + Generate new key button on the top-right:

Generate new key button

Generate new process API key

Once the modal shows up:

• Enter your API key's name

• Select API access scopes (determining what actions you can perform within the API - you choose All or select only the ones you need).

• Select the expiration date of your API key (we recommend changing the API key every 3 to 6 months).

Then click the Create button.

Once you create a new API key, make sure you save it in a safe place right away as you won't be able to view it again:

Save new process API key

You can remove your process API key by clicking the three dots next to the given API key and selecting Delete:

Delete process API key

API key structure

The value of the API key is split by a colon into what we call a user and a pass. Bear in mind that these credentials are not the same as your Workspace login data.

Example:

If your API key has the value h12shadjada:13ehjhj1b3j then the value for the user is h12shadjada and the value for the pass is 13ehjhj1b3j.

API key - security rules

To ensure the full security of your API keys as well as your credentials, we recommend you follow these best practices:

• Keep your API key and credentials confidential: Treat your API key and credentials as sensitive information and avoid exposing them publicly or including them in source code repositories.

• Use secure communication channels: Always transmit the API key and credentials over HTTPS to prevent eavesdropping or interception.

• Regularly rotate your API key and credentials: For added security, consider rotating your API key and credentials periodically or whenever there is a potential compromise.

• Restrict API key and credential permissions: Limit the scope of the API key and credentials by providing only the necessary permissions required for your application.

• Monitor API key and credential usage: Keep track of API key and credential usage and set up alerts or notifications to identify any suspicious activity.

See next: