Skip to main content

Manage API Keys

Generate, manage, and delete API Keys from your ATNA Dashboard with secure key usage and management best practices.

✅ Generate API Keys

To generate a new API Credential (Credential ID + Credential Secret):

  1. Log in to your ATNA Dashboard.
  2. Click the dropdown beside your profile name (top-right corner).
  3. Select My API Keys.
  4. Click + Generate an API Key.
  5. Provide a name for the key. We recommend using a consistent naming convention, for example: <service_name>-<dd_mm_yyyy>-<hh_mm>.
  6. Click Save & Add.
  7. Your API Credential ID and Credential Secret are generated and displayed on screen. Copy them now and store them securely — you may not be able to view the secret again later.
warning

Always store the credentials securely (see "Secure Storage" section below).

🛡️ Secure Storage of API Keys

After generating API keys:

  • Save them in a secure location. Consider using a password manager or a secure vault.
  • Do not include API keys in publicly accessible code repositories or expose them in client-side code.
  • Use environment variables, encrypted storage solutions, or a proper secrets management system to store API keys.

🗑️ Delete API Keys (Permanent Action)

If an API key is no longer needed — for example, after a rotation, or if you suspect a security breach — you should delete it. This action is permanent and cannot be undone. Make sure the key is no longer in use before deleting it.

To delete an API key:

  1. Log in to your ATNA Dashboard.
  2. Click the dropdown beside your profile name.
  3. Select My API Keys.
  4. Find the API key you want to remove, then click the More Options (3-vertical-dots) menu next to it.
  5. Click Delete.
  6. The key will be revoked and will no longer work for API calls.
danger

Verify that no active integrations or services are using that key before deleting it — otherwise those services will fail.

🛠️ API Key Security Best Practices

Managing your API keys responsibly is critical to maintaining the security of your account and data.

Best PracticeRecommendation
Key StorageNever store API keys in public repositories. Use a password manager or vault.
Limit key sharingShare keys only through secure, restricted channels.
Delete unused keysRegularly remove keys that are no longer necessary.
Distinct keys per appUse different keys for different applications to limit the impact of a compromise.
Consistent namingUse service_name-dd_mm_yyyy-hh_mm convention for easy identification.
Key RotationRotate API keys regularly (at least every three months).

🔑 Using Your API Key

ATNA uses API key-based authentication. Include the key in every request header:

Authorization: Bearer YOUR_API_KEY
caution

Never expose your API key in client-side code or public repositories.