User responsibilities in API key management

calendar icon
user iconDaniel Filakovsky, Jan Cerman
clock icon2 minutes
arrow-down-line iconDownload PDF
Understand the capabilities and privileges of regular users, project managers, and subscription admins. Learn how each role interacts with API keys, the permissions they carry, and the responsibilities they hold.

Understand user responsibilities

Clearly defined roles and responsibilities in any system help each stakeholder understand their part in safeguarding. Awareness of these duties helps prevent unauthorized access and misuse of API keys, which might lead to data breaches and other security incidents.

Regular users

A regular user has limited access to a project and its environment. They can have access to multiple environments or just a single one. By default, regular users cannot create API keys nor manage them. If regular users are given the Create a personal API key permission, they can create their own Personal API key. This way, they can automate their job and create custom integrations. However, keep in mind that the Personal API key mimics their own permissions. The API key won’t let them do more than what they already can. Regular users have no privileged access and could have limited capabilities depending on their role. If a regular user needs to create independent integration, they need to ask their project manager to share a Delivery or Management API key. Such API key should be created specifically for the purpose of the integration.

Project managers

Project managers have access to the content and settings of all environments under a project. They’re responsible for creating new API keys and can share the API keys with regular users. For example, they can share a Management API key with a developer who needs to integrate a new service. Project managers can:
  • Activate and deactivate secure access for Deliver API.
  • Activate and deactivate Management API.
  • Access the Delivery API keys and Management API keys that have their own identity and are not restricted by the owner’s access.
  • Access the API key overviews to perform regular access reviews.
  • Regenerate a valid API key that’s close to its expiration date.
  • Revoke any API key in case of a leak.

Subscription admins

A subscription administrator can do the same things as a project manager. As long as a user is a subscription admin, they automatically become a project manager in all projects under a subscription.Subscription admins are the only ones with access to the Subscription API and the Subscription API key, which provides unlimited access to all projects within a subscription. Thanks to that, they can deactivate or activate users on the subscription level across all projects at once.
  • Develop with Kontent.ai
  • Manage API keys
  • Hello World
  • Hello Web Spotlight
  • Try sample apps
  • Build apps
  • Decide navigation and URLs
  • Environments
  • Get Developer Certification
light-bulb icon
Sign in
  • desktop-alt icon
  • Cheat sheets
  • Documentation
  • API reference
  • Product updates
Kontent.ai Learn
  • Plan
  • Set up
  • Model
  • Develop
  • Create
  • Meet the APIs
  • Choose API keys
  • Understand API key lifecycle
  • Roles and their responsibilities
  • Testlock icon
Copyright © 2024 Kontent.aiarrow-right-top-square icon. All rights reserved.
  • Webarrow-right-top-square icon
  • Privacy policyarrow-right-top-square icon
  • Cookies policy
  • Consent settingsarrow-right-top-square icon
  • Securityarrow-right-top-square icon
  • GDPRarrow-right-top-square icon
Sign in with your Kontent.ai credentials or sign up for free to unlock the full lesson, track your progress, and access exclusive expert insights and tips!
  • Sign in
  • Understand user responsibilities
  • Regular users
  • Project managers
  • Subscription admins