A secret token used to authenticate requests to an API. API keys identify the calling application and authorize access to specific resources. Proper key management includes encryption at rest and rotation policies.
Related Terms
More in Security
OAuth 2.0An authorization framework that allows third-party applications to access user r...Access TokenA credential that grants temporary, scoped access to an API. Access tokens are t...Refresh TokenA long-lived credential used to obtain new access tokens without requiring the u...VaultA secure credential storage system that encrypts API keys and secrets at rest. 0...AES-256-GCMAdvanced Encryption Standard with 256-bit keys in Galois/Counter Mode. A symmetr...