Overview
Admins can create, view, and revoke API keys directly from the Moonbounce dashboard. API keys provide programmatic access to the Moonbounce API for your integrations and automated workflows. To manage API keys, navigate to Account Settings → API Keys.Only users with the Admin role can access and manage API keys.
Creating an API Key
- Go to Account Settings → API Keys and click Create API Key.
- Enter a descriptive name for the key (e.g. “Production API Key”).
- Choose a duration for how long the key should remain valid:
- 30 days
- 90 days
- 180 days
- 365 days
- Click Create.
- Copy your API key immediately. The full key is only shown once and cannot be retrieved later.
Using Your API Key
Include your API key in the request headers when calling the Moonbounce API:Managing Existing Keys
The API Keys page displays all keys for your account, including:| Column | Description |
|---|---|
| Name | The label you assigned when creating the key |
| Owner | The email of the user who created the key |
| Status | Enabled, Disabled, or Revoked |
| Created | When the key was generated |
| Expires | When the key will expire, color-coded by urgency |
| Signature | The last 6 characters of the key for identification |
Key Actions
From the actions menu on each key, you can:- Disable — Temporarily deactivate a key. It can be re-enabled later.
- Enable — Reactivate a previously disabled key.
- Revoke — Permanently invalidate a key. This action cannot be undone.
Best Practices
- Rotate keys regularly. Create a new key before revoking an old one to avoid downtime.
- Use descriptive names. Name keys after their intended use (e.g. “CI Pipeline”, “Staging Environment”) so you can easily identify them later.
- Revoke unused keys. If a key is no longer needed, revoke it promptly to reduce your attack surface.
- Never share keys in plaintext. Store API keys in environment variables or a secrets manager, not in source code.