Remove roles from your API key

Remove authority from your API key by revoking one or more roles

Prerequisites:

  • You know what API keys are
  • You are able to create API keys
  • You are aware of the permissions your API key holds and
  • You have identified your API key needs and have decided what permissions they need

Read more about:

Learn how to remove a role from your API key without causing technical repercussions. Follow along with the stepwise guide and mind the warnings, so you do not cause any integral damage to your technical processes.

At the end of this guide, you’ll have removed your role successfully.

Considerations to have before you remove a role

It’s easy to remove a role from your API key if you’ve accidentally granted the wrong one and want to readjust. The problem comes when you’re changing the roles of existing systems. It’s crucially important to understand what could happen if you change the wrong roles. You may experience technical downtime, or at worst, damage your organization’s processes.

You see, as you change roles, you’re revoking the authority of that particular API key. And if you’re not careful, you may cause negative repercussions.

Therefore, you’re highly recommended to think about a few considerations. Please see these questions and assess how they affect your current processes. It will help you when you remove your roles.

• What is my system doing? What are its operations? Think CRUD (Create, Read, Update, Delete)
• What permissions does my system currently have? Do I need to have all of them? Or are some redundant?
• If I removed this one particular role or permission, what would happen to my system? Could it still perform as it should?

As you think about these questions, you may wish to create a flowchart or overview of all the permissions your system uses. Note where and when they use them and get a proper understanding of what permissions it needs. If you conclude that it does not need the permission you’d like to change, then you are ready to proceed.

Note: As a best practice, we recommend you to make a role specifically for each system. It makes it easier to remove and edit roles without affecting multiple systems at once.

If you are using roles across systems, revisit the mentioned questions and assess all systems which use your role.

Remove a role from your API key

Now that you’re ready to remove the role, continue by following these steps:

  1. Sign in to the web environment. Make sure you sign in with a user with the Service-accounts.update permission. Your admin user has this permission by default
  2. Navigate to the Development tab. Here you will find all your active API keys
2194
  1. Press the Edit button next to the API key you’d like to edit

  2. Remove the role you wish to remove

2194
  1. Press save and confirm your changes

You have now successfully removed the role from your API key. If you’ve followed the considerations and best practices mentioned, you should not have caused any damage to your operations. Good job!