Generating new API key
See how to generate new API keys using Alphamoon
At Alphamoon we use API keys to authenticate requests. In this step-by-step guide, we'll explain how to generate your new API key for the organization or the single process.
Create organization API key
To create a new API key for your organization, sign in to Alphamoon and go to Settings:
Next, choose the API key tab in the left-hand navigation panel:
Now, click the +Create new API key button on the top-right:
Once the modal shows up:
Enter your API key's name
Select API access scopes (determining what actions you can perform within the API - you choose All or select only the ones you need).
Select the expiration date of your API key (we recommend changing the API key every 3 to 6 months).
Then click the Create button.
Once you create a new API key, make sure you save it in a safe place right away as you won't be able to view it again:
Note:
Once expired your API key will stop working. Remember to create a new one in advance to ensure your application continues to operate.
You can remove an API key by clicking the three dots next to the given API key and selecting Delete:
Create process API key
To create a new API key for your organization, first enter one of your processes in the Dashboard:
Next, click the Configuration button:
Once you enter the Configuration, select the API keys tab in the left-hand navigation panel:
Now, click the + Generate new key button on the top-right:
Once the modal shows up:
Enter your API key's name
Select API access scopes (determining what actions you can perform within the API - you choose All or select only the ones you need).
Select the expiration date of your API key (we recommend changing the API key every 3 to 6 months).
Then click the Create button.
Once you create a new API key, make sure you save it in a safe place right away as you won't be able to view it again:
You can remove your process API key by clicking the three dots next to the given API key and selecting Delete:
API key structure
The value of the API key is split by a colon into what we call a user and a pass. Bear in mind that these credentials are not the same as your Workspace login data.
Example:
If your API key has the value h12shadjada:13ehjhj1b3j then the value for the user is h12shadjada and the value for the pass is 13ehjhj1b3j.
API key - security rules
To ensure the full security of your API keys as well as your credentials, we recommend you follow these best practices:
Keep your API key and credentials confidential: Treat your API key and credentials as sensitive information and avoid exposing them publicly or including them in source code repositories.
Use secure communication channels: Always transmit the API key and credentials over HTTPS to prevent eavesdropping or interception.
Regularly rotate your API key and credentials: For added security, consider rotating your API key and credentials periodically or whenever there is a potential compromise.
Restrict API key and credential permissions: Limit the scope of the API key and credentials by providing only the necessary permissions required for your application.
Monitor API key and credential usage: Keep track of API key and credential usage and set up alerts or notifications to identify any suspicious activity.
See next:
Last updated