By default, all of your API Keys have full access and can perform any of our API Calls. This can be risky at times. For instance, if you wish to deploy your application in an environment where others may be able to see your API Key (i.e.: on shared hosting). For such cases you can limit the Access of your API Key to perform just the calls that your application needs, or calls that cannot impact your account (i.e.: fetch the uptime monitor status).

To begin configuring the Access for any of your API Keys, go to your API Keys page in your dashboard:

Locate the API Key you wish to configure Access for and click the ‘Configure Access’ button next to it.

A modal pop-up will appear, where you will be able to select the exact API Calls that this API Key will be allowed to perform on our platform.

Once you’re done configuring which API Calls to allow, be sure to click the ‘Save’ button in order to save your access level for this API Key.

So we’ve selected the ‘v1 API Status’ and the ‘v2 Blacklist Report’ API Calls. This means that this API Key can now perform only these two API Calls on our platform. If you try performing any other API Calls using this API key, you will get the following error:

{"status":"ERROR","error_message":"api key does not have access to perform this api call"}

Now that we’ve modified the Access level for this one API Key, you’ll notice that its ‘Configure Access’ button color has changed, so you can easily spot your API Keys that have restricted access levels.

And you can even go one step further and also add a note to this API Key. In the future you’ll know exactly in which one of your applications this API Key is used.

In order to see all of our API Calls, along with their names and what they can do, be sure to check out our API Explorer: