Generate Key screen reference

Generate Key screen reference

The Generate Key screen appears after you click the Add an API key icon icon on the API Keys screen.

Fields on the Generate Key screen

Field	Description
Key Type	Desktop, External, Internal, or Custom. Choose the type that matches the integration.
Expiry date	Only applies to Custom, External, and Internal. This field is not shown for Desktop keys. The date and time when the system automatically disables the key; the key is deleted seven days after expiry. Leave empty for no expiry. The system checks the expiry date periodically, and there may be delays of up to two hours.
Description	Purpose of the key (free text).
Enabled	When selected, the key is active and available for use. Keys are enabled by default.
User	For External and Custom keys only. Choose All users or Specific user. All users Gives full access to all features and APIs. Typically used for system-wide integrations or services that need broad access. Security risk is Higher, since it grants universal access. Specific user Limits access to the permissions of the assigned user, at the time of use, not just at creation. While technically usable by anyone, it is intended to be used only by the assigned user. Security benefits: Aligns with PCI DSS 4.0 and other security standards. Reduces risk by limiting access scope. Easier to audit and manage user-specific access. Example: Properly formatted URLs /api/qm/export /api/audit/export /api/audit/*
Allow Access to URLs	For Custom key only. Add allowed resources by specifying GET or POST and the API endpoints. Supports wildcard (). Some examples of properly formatted URLs include: /api/qm/export /api/audit/export /api/audit/ To delete an entry, select the row you want to delete, and then select the Delete () icon.

Tasks

Generate an API Key