API Key Encryption and Rotation
In our continuous efforts to safeguard your data and ensure the highest level of security, we are making a change to the way API keys are managed within the application.
What has changed?
We have now encrypted the API key within the Affinda app to provide an additional layer of security. As a result, after creating an API key, users will no longer be able to retrieve it from the application. Instead, we have introduced a new feature that allows users to generate up to three API keys. This will facilitate key rotation without disrupting your production environment if you choose to do so.
How does the new key rotation feature work?
With the key rotation feature, you can manage your API keys more effectively. Here are some key points to be aware of:
- Viewing the key: Once you create a key, you will only be able to view it once within your user settings page in the application. It is crucial that you copy and store it in a safe location within your own environment.
- Maximum of 3 API keys: You can generate a maximum of three API keys within the Affinda app.
- Naming and Expiry: Each API key can be named and set with an expiry date or to never expire, based on your requirements.
Action Required (if applicable)
If you have already stored your existing API key, there is no immediate action required on your part. Your current API key will continue to function normally.
If you have not stored your API key yet, you will need to generate a new API key within the Affinda app to access it. Remember, you will only be able to view the key once, so ensure you copy it accurately (or you can generate a new key next time you need it).