You can find your Master and Write-only key in your profile.
- Choosing the Right Type of API Key
- Retrieving the API Keys from the TD Console
- Retrieving the Master API Key using the TD Toolbelt
REST API access is controlled through API keys. Almost every REST API call needs to be issued with a valid API key for authentication and resource authorization purposes.
| API Key Type | Description |
|---|---|
| Master | Can be used to perform all permitted operations based on the user’s permission level and access, no exception. |
| Write-only | Provides an additional layer of security in controlling access to a Treasure Data account through the REST APIs. Useful when access has to be provided to 3rd parties or API keys need to be embedded in ingestion libraries (for example, web page integrations). Based on the permissions and access levels associated with a user, the user’s Write-only API key only allows importing data into Treasure Data to those databases it has write access to. |
Keep your API Master key secure. Master keys grant both read and write access to Treasure Data, and anyone in possession of your Master key could possibly access, corrupt, or delete your data. Do not share your Master keys and be careful not to expose or release your Master key publicly.
By default, every new user is created with one Master and one Write-only API key. Any user can generate any number of the two types of API keys. Any of the API keys can be revoked at any time by the user themselves or any user having Manage User permissions.
- Open TD Console.
- Access My Settings > API Keys.
- Select API Keys.
Only the Master API key can be retrieved from the command line. To retrieve the key, execute the following command:
td apikey:show