You need to supply an API Key as the Authorization header for all API requests, using the bearer identifier. You also may need API keys when you integrate Lightstep Observability with other applications.

For security reasons, keys expire after one year. Expiration dates are displayed on the API Keys page, and you can create a new key at any time.

Only users with Admin access or Member access can create API keys. However, member users may only create tokens with member access.

Create API keys

You can create API keys from the Account Settings page. For security reasons, create a separate API key for each application and third-party integration.

To create an API key:

  1. From the navigation bar, click Account > Account Settings and select the API Keys tab.

  2. Click Create New API Key.
  3. Enter a description for the key and select a Role, which grants a specific set of permissions for this key. Use a key with Viewer access for APIs that only read data from Lightstep Observability. If you plan on updating information within your account (programmatically creating streams for example), use the Member role. Only create an Admin key if you are ok with the key having full access to creating and deleting data in all of Lightstep Observability.

  4. Click Create Key. The API key is created and shown to you.

  5. Click Copy & Close to copy the link to your clipboard, then you can paste this key where you need it.

    This is your only chance to view the actual key, so best practice is to copy and paste the key to a safe place immediately.

View or revoke API keys

You can revoke an existing key to permanently disable it. However, you can’t edit or view keys after you create one. If you want to change the access level for a key, you need to revoke the original and create a new key. Before revoking a key, be sure to create a new one and update all places that use it, as revoking a key takes effect immediately.

To manage API keys:

  1. From the navigation bar, click Account > Account Settings and select the API Keys tab.

    You can view the keys and the level of access they have.

  2. Revoke the key by clicking Revoke Key.

    Revoking the key is immediate.