API Keys Overview

Admin Only — Paid Plan

API keys are available on the Paid plan only. Organizations on the Free plan will see a message: "API Keys — Paid Plan Only".

API keys enable programmatic access to EntryGuard for CI/CD pipelines, automation scripts, and integrations.

What Are API Keys?

API keys are long-lived authentication tokens that allow applications to interact with the EntryGuard API without user credentials. They're designed for:

• CI/CD Pipelines — Automatically start and stop sessions before and after test runs
• Automation Scripts — Manage sessions and read audit logs programmatically
• Third-Party Integrations — Connect EntryGuard to other tools and platforms

Authentication

API keys use the X-API-Key header (distinct from user authentication which uses Authorization: Bearer):

curl https://api.entryguard.io/api/v1/sessions \
  -H "X-API-Key: eg_live_1234567890abcdef..."

Scoped Access

Each API key is scoped to specific permissions:

• Sessions (Read) — View session information
• Sessions (Write) — Start, stop, and extend sessions
• Resources (Read) — View resource information
• Audit Logs (Read) — View audit logs
• Full Access — All of the above

Key Structure

API keys have a recognizable prefix: eg_live_...

The full key is only shown once during creation. After that, only the key prefix is visible in the UI for identification.

Security Features

1. One-time display — Full key shown only at creation
2. Scoped permissions — Keys can only perform actions matching their scopes
3. Optional expiration — Set expiry dates to limit key lifetime
4. Instant revocation — Keys can be revoked immediately

Next Steps

• Create and manage API keys →
• Available scopes →
• CI/CD usage examples →

---

API Reference: For programmatic access, see API Keys API.