You can find your Master and Write-only key in your profile.

REST API access is controlled through API keys. Almost every REST API call needs to be issued with a valid API key for authentication and resource authorization purposes.

API Key Type



Can be used to perform all permitted operations based on the user’s permission level and access, no exception.


Provides an additional layer of security in controlling access to a Treasure Data account through the REST APIs.

Useful when access has to be provided to 3rd parties or API keys need to be embedded in ingestion libraries (for example, web page integrations). Based on the permissions and access levels associated with a user, the user’s Write-only API key only allows importing data into Treasure Data to those databases it has write access to.

By default, every new user is created with one Master and one Write-only API key. Any user can generate any number of the two types of API keys. Any of the API Keys can be revoked at any time by the user themselves or any user having Manage User permissions.

Read how you can configure your keys.

Retrieving the API Keys From the TD Console

  1. Open TD Console.

  2. Access My Settings > API Keys.

  3. Select API Keys.

Retrieving the Master API Key using the TD Toolbelt

Only the Master API key can be retrieved from the command line.
To retrieve the key, execute the following command:

$ td apikey:show
  • No labels