API Keys
API Keys
The API Keys section provides a central location for creating and managing API keys that enable programmatic access to VergeCloud services. You can generate new keys using a guided wizard, assign scopes and roles, and view or revoke existing keys as needed.
Sections
API Keys List
This list displays all API keys created for the organization. Each row includes:
- Name/Description – The custom name and optional description assigned during creation.
- API Key – A partially masked key for identification. The full value is shown only once when the key is generated.
- Roles – The roles assigned to the key that define what it can access or control.
- Created at – Timestamp of when the key was created.
- Actions – Options to view key details or revoke the key.
Create API Key Wizard
Step 1: Basic Info
Provide a name and optional description for the API key to identify its purpose.
- API Key Name – Required. A unique name to label the key.
- Description – Optional. Used to describe how or where the key will be used.
Step 2: Access Scope
Define where the key's roles will apply. Choose from:
- All Services – Grants access across all services and future resources in the organization.
- Specific Services – Limit access to selected domains.
Step 3: Assign Roles
Select one or more predefined roles to determine the key’s permissions.
- Admin – Full control of the assigned services.
- Read-Only Admin – View access without modification rights.
- Billing Manager - Access to manage Billing.
- Cache Purger – Can purge cached content from CDN.
- DNS Manager – Manages DNS records.
- Security Manager – Configures security features like WAF and DDoS protection.
- Traffic Manager – Manages routing and load balancing settings.
- Insights Analyst – Access to traffic and performance analytics.
Step 4: View API Key
The full API key is shown once on this screen. You must copy and store it securely before continuing.
Fields and Usage
- API Key – The full key used to authenticate API calls. Only shown once.
- X-API-Key Header – Required header to include in all API requests using this key.
X-API-Key: <your-api-key>Considerations
- One-time visibility: The API key value is only shown once and cannot be retrieved later.
- Non-editable: API keys cannot be edited after creation. To change scope or roles, revoke the old key and create a new one.
- Least privilege: Assign only the roles necessary for the key’s intended function to minimize risk.
- Scoped access: Ensure the scope aligns with the roles assigned to prevent unintended access.
- Revocation: Deleting a key immediately disables it and blocks all related access.
Related Articles
Changing Default Name Servers
A Name Server (NS) Record is a type of DNS record that indicates which DNS server is authoritative for a specific domain. It directs DNS queries to the correct server, where other records like A, MX, or CNAME are stored. For example, an NS record for ...Organization
Organizations The Organization feature in VergeCloud allows users to collaborate in teams with clearly defined roles and access scopes. It serves as the foundational unit for managing access, billing, and user permissions across all VergeCloud ...Domain-Based and Organization-Based Roles
Domain-Based Roles Domain-based roles apply to specific domains or services, such as CDN. They control access to domain-level features but not global settings. Click on each role below to view its access permissions. Admin Access Area Permission ...Boost Web Pages
The web boost feature allows you to enhance the loading speed of your website. This improvement can significantly boost your website’s SEO and enhance the overall user experience. Glossary SEO: Search Engine Optimization, the process of improving the ...SSL Certificate
In this section, you'll learn how to manage the connection protocol between users and your website via VergeCloud's CDN edge servers. You can adjust settings related to HTTPS for content delivery, including configurations for VergeCloud's ...