Root Keys

To interact with the Unkey API to manage resources such as APIs or keys, you need a root key.

Root keys are scoped per workspace and you can fine tune their access permissions when creating a key or update later on the fly.

It’s a good practice to provide as few permissions as possible, to minimize the potential impact of a leaked key.

Start

Go to https://app.unkey.com/settings/root-keys/new

Name and Permissions

Optionally enter a name. This is internal only and not customer facing.
Add your workspace-wide permissions. These permissions affect and override the per-api permissions below.
For each API in your workspace, you can enable fine grained permissions.
Click Create New Key at the bottom

Copy your key

Be sure to copy the key before closing the window. There is no way to recover it later

What should I do if a root key is leaked?

If you leak a root key - for instance, by accidentally checking it in to version control - you should immediately revoke the root key and replace it with a new, secure key. Root keys are secrets, and should never be exposed publicly.

Get Started

APIs

Ratelimiting

Semantic cache

Audit logs

Integrations

Migrations

What should I do if a root key is leaked?

Get Started

APIs

Ratelimiting

Semantic cache

Audit logs

Integrations

Migrations

​What should I do if a root key is leaked?

What should I do if a root key is leaked?