The API key records page displays the basic information of the API keys created under the current account. You can quickly view the name, ID, project, creation time, and last usage time of each API key to help you troubleshoot the source of API calls, analyze resource ownership, and implement security governance.
In the top navigation bar, click your organization account name to go to the project management page. In the left-side navigation pane, click API Key to go to the API key records page.
The API key records page displays the information of the API keys that you can view in a list. This way, you can view and review the information of all API keys at a glance.
The list typically contains the following fields:
Name: the display name of the API key. You can use this field to distinguish API keys for different applications, environments, or business purposes.
ID: the unique ID of the API key. You can use this field to distinguish API keys.
API Key: the value of the API key. The value is desensitized to prevent the exposure of the complete credentials.
Project: the project to which the API key belongs. You can use this field to determine the resource ownership.
Created At (UTC+8): the time when the API key was created.
Last Used (UTC+8): the time when the API key was last used. If the API key has not been used, this field displays
-.
Information that you can obtain
On the API key records page, you can focus on the following information:
Whether the API key is still in use: You can determine whether an API key is idle by checking the last used time.
To which project the API key belongs: You can determine the distribution of credentials in different business or test projects by checking the project field.
Whether the API key has an unclear name: You can identify the API keys that are difficult to identify by checking the name field and then unify the naming conventions.
Whether too many historical API keys exist: You can determine whether to clean up the unused API keys by checking the creation time and last used time.
Scenarios
The API key records page is applicable to the following scenarios:
Inventory of API keys: You can view the number and basic information of the API keys created under the current account.
Analysis of resource ownership: You can determine the project or business scope to which an API key belongs.
Identification of idle API keys: You can identify the API keys that have not been used for a long time to reduce security risks.
Troubleshooting of API call issues: When you troubleshoot issues in API calls, you can first confirm whether the target API key exists, when it was created, and whether it has been used.
Recommendations
We recommend that you regularly view the API key records and clean up the unused API keys.
We recommend that you unify the naming conventions of API keys based on the name and project fields to improve the efficiency of troubleshooting.
We recommend that you confirm the target API key by using the name, ID, and project fields instead of relying solely on the desensitized value of the API key.
If you find an API key from an unknown source or an API key that has not been used for a long time, we recommend that you verify its actual usage and then disable or delete it as needed.