Gremlin Docs Logo
Go to app
Quick Start Guides
AWS Quick Start Guide
Reliability Management (RM) Quick Start Guide
Getting Started
Compatibility
Installing the Gremlin Agent
Authenticating the Gremlin Agent
Configuring the Gremlin Agent
Enabling DNS collection
Platform
Managing the Gremlin Agent
Updating Gremlin
Managing Users and Teams
Configuring Role Based Access Control (RBAC)
User Authentication via SAML and Okta
Integrations
Health Checks
Notifications
Restricting Testing Times
Command Line Interface
Reports
Reliability Management
Services and Dependencies
Detected Risks
Test Suites
Reliability Tests
Reliability Score
Fault Injection
Targets
Experiments
Scenarios
GameDays
Failure Flags
Deploying Failure Flags on AWS Lambda
Deploying Failure Flags on AWS ECS
Deploying Failure Flags on Kubernetes
Installing the Failure Flags SDK
Running Failure Flags experiments
API Reference
Classes, methods, & attributes
API Keys
Examples
Security
Container security
Release Notes
General
Linux
Integration Agent for Linux
Windows
Chao
Helm
Failure Flags: Lambda Extension
Failure Flags: Sidecar
Resources
Gremlin User Community SlackBlogTutorialsGlossary
Start your 30 day free trial.
START FOR FREE
Docs Home
API Reference
API Keys

API Keys

No items found.

User-level API Keys

When making programmatic calls to the Gremlin API, instead of using your own account profile with your username password credentials, you can leverage API keys. They are tied to your user and have the same level of access as your user so you can use API keys to integrate with any part of the Gremlin API.

To create a new API key

  • Go to Account Settings.
  • Select the API Keys tab.
  • Click New API Key button.
  • Give your key a unique name and an optional description.
  • Click save, and copy your key content for use.

To revoke and reinstate an API Key

  • Before you begin, confirm that you have stopped using the API Key.
  • Go to Account Settings.
  • Select the API Keys tab.
  • Hover over the 3 dots to the right of your API Key.
  • Select Revoke Key or Reinstate Key in the popup.
  • If you are revoking a key, confirm by clicking the Revoke button.

Usage

Instead of using a Bearer token, provide the key content in the Authorization Header, prefixed with <span class="code-class-custom">Key</span>.


Authorization: Key f02868098b13e4f68da82b0c5e5c950ea750fce53c62d982cdab0c61099e5f98

See Creating Attacks for examples of creating an attack via the API.

Limit

There is a limit of 5 active API Keys per user.

Access

API keys have access levels equivilant to the user who created the key. For example, if you are a <span class="code-class-custom">Company Manager</span> and you create a key, that key will have the same level of access as a <span class="code-class-custom">Company Manager</span>. The same goes for teams, if you are a <span class="code-class-custom">Team Manager</span> in Team A and a <span class="code-class-custom">Team User</span> in Team B, then the API key will have <span class="code-class-custom">Team Manager</span> level access to Team A and <span class="code-class-custom">Team User</span> level access to Team B.

Company Settings API Keys tab

For Company Managers and Company Owners, there is now an API Keys tab located at the Company Settings page. This will list all the user-level API keys that your users have created. You can search by the name of the API Key or the name of who created it. This is to provide insight for if you plan to remove a user or edit their roles, you know what API keys will be affected by the change.

Team-level API Keys

Team-level API keys have been deprecated in favor of user-level API keys. You can still use your current team-level keys to authenticate, view, revoke and reinstate keys, but you are unable to create new team-level keys. Team-level keys will be fully removed on 7/15/2021

When making programmatic calls to the Gremlin API, instead of using your own account profile with your username password credentials, you can leverage team-level API keys. This is akin to having a "service account" in other software products.

To revoke and reinstate an API Key

  • Before you begin, confirm that you have stopped using the API Key.
  • Go to Company Settings.
  • Select your Team.
  • Select the API Keys tab.
  • Hover over the 3 dots to the right of your API Key.
  • Select Revoke Key or Reinstate Key in the popup.
  • If you are revoking a key, confirm by clicking the Revoke button.

Usage

Instead of using a Bearer token, provide the key content in the Authorization Header, prefixed with <span class="code-class-custom">Key</span>.


Authorization: Key f02868098b13e4f68da82b0c5e5c950ea750fce53c62d982cdab0c61099e5f98

See Creating Attacks for examples of creating an attack via the API.

Limit

There is a limit of 5 active API Keys per team.

Access

API keys have access levels equivilant to a Company User and Team User for the company and team that the API key was created under.

Classes, methods, & attributes
Previous
Previous
Examples
Next
Next
On this page
Back to top