Sazabi
API Keys

Overview

Create and manage API keys for log ingestion and programmatic access to Sazabi.

API keys authenticate requests to Sazabi. Use public keys for log ingestion and secret keys for API access.

Key types

Sazabi uses two types of API keys for different purposes:

Key typeScopePurposeSecurity level
Public keysProjectLog ingestionSafe to include in client-side code
Secret keysOrganizationAPI accessMust be kept confidential

Public keys

Public keys are used for sending logs and telemetry to Sazabi. They are:

  • Project-scoped: Each public key is tied to a specific project.
  • Write-only: They can only ingest data, not read it.
  • Safe to expose: While you should not share them unnecessarily, public keys cannot be used to access your data.

Learn more about public keys

Secret keys

Secret keys provide full API access and should be protected:

  • Organization-scoped: They have access to all projects in the organization.
  • Full access: They can read data, manage configuration, and perform administrative actions.
  • Confidential: Never commit secret keys to version control or expose them in client-side code.

Learn more about secret keys

Public Keys

Project-scoped keys for log ingestion.

Secret Keys

Organization-scoped keys for API access.

Key rotation

Rotate keys regularly to maintain security. Follow this process to avoid downtime:

Create new key

Create a new key following the steps in the relevant key type guide.

Update applications

Update all applications and services to use the new key.

Verify functionality

Confirm that logs are being ingested and API calls are succeeding with the new key.

Revoke old key

Once you have confirmed the new key is working, revoke the old key.

Rotate keys quarterly as a security best practice, or immediately if you suspect a key has been compromised.

Security best practices

Follow these guidelines to keep your API keys secure:

  • Never commit keys to git: Use environment variables or secret management tools instead of hardcoding keys.
  • Use environment variables: Store keys in environment variables like SAZABI_PUBLIC_KEY or SAZABI_SECRET_KEY.
  • Rotate regularly: Rotate keys at least quarterly.
  • Use minimal scope: Use public keys for ingestion instead of secret keys whenever possible.
  • Revoke unused keys: Delete keys that are no longer in use.
  • Monitor key usage: Watch for unexpected usage patterns that might indicate a compromised key.
# Example: Using environment variables
export SAZABI_PUBLIC_KEY=sazabi_public_abc123def456
export SAZABI_SECRET_KEY=sazabi_secret_abc123def456

Next steps

Sending Logs

Learn how to send logs to Sazabi using your public key.

CLI Authentication

Configure CLI authentication with your secret key.

Team Management

Invite team members to your organization and manage their roles and permissions.

Public Keys

Project-scoped API keys for sending logs and telemetry to Sazabi.

On this page

Key typesPublic keysSecret keysQuick linksKey rotationCreate new keyUpdate applicationsVerify functionalityRevoke old keySecurity best practicesNext steps