API Authentication

Secure access to Upstat’s API using API keys.

Generating API Keys

Create API keys from your account settings:

1. Go to Settings → API Keys
2. Click Generate New Key
3. Give your key a descriptive name
4. Copy the key immediately - it won’t be shown again

![Placeholder: API Key Generation Dialog with Name Field]

Using API Keys

Include your API key in all requests:

curl -H "Authorization: Bearer YOUR_API_KEY" 
  https://api.upstat.io/v1/monitors

Key Security

Keep your API keys secure:

• Never commit keys to version control
• Use environment variables in your applications
• Rotate keys regularly
• Create separate keys for different applications

Key Permissions

API keys inherit the permissions of the user who created them:

• Account Owner - Full access to all resources
• Project Manager - Access to assigned projects
• Contributor - Limited write access
• Viewer - Read-only access

Revoking Keys

To revoke a compromised key:

1. Go to Settings → API Keys
2. Find the key to revoke
3. Click Delete
4. Update your applications with a new key

![Placeholder: API Keys List with Delete Actions]

Best Practices

• Name keys descriptively (e.g., “Production Monitoring Script”)
• Use different keys for different environments
• Monitor key usage in audit logs
• Set up alerts for unusual API activity

---

Learn more

• API overview
• API endpoints
• Rate limiting