Keys
About API Keys
In DIAL, API Keys play a crucial role in managing access and ensuring security:
- API keys are used for authentication and access control.
- They can be configured to be secured and can have specific roles and limits assigned to them.
- API keys are essential for external applications accessing language models and applications deployed in DIAL.
Refer to Access & Cost Control to learn more.
Keys List
The Keys page provides a centralized view and management interface for all API keys in DIAL.
Keys Grid
TIP: Use the Columns selector to customize which columns are visible in the grid.
| Column | Definition |
|---|---|
| Name | A user-friendly identifier of a key (e.g. analytics-service-key). Names help you map keys to consumers or services in logs and configs. |
| Description | Optional notes explaining the key’s purpose, owner/team, or special instructions. |
| Key generation time | A key's creation timestamp. Useful for auditing and correlating the key's usage with system changes or deployments. |
| Expiration time | A key's expiration timestamp. Setting expirations enforces regular key rotation. |
| Status | The current state of the key. |
| Project | The name of the project the key is associated with. |
| Project Contact Point | The contact person on a project. |
| Secured | A flag that identifies secured API keys. |
Create Keys
-
Click Create to invoke the Create Key modal.
-
In the modal, specify the following parameters for the new key:
Field Required Description & Use Cases Name Yes A user-friendly identifier for the key.
Use meaningful names to associate keys with projects, environments, or teams.Description No An optional free-form text.
Use to document the key’s purpose, owner team, or usage context.Project Yes Logical project or department grouping (e.g. "AnalyticsTeam").
Helps organize keys and apply cost/usage reporting by project.Key value Yes The actual secret string used for authentication.
Initially hidden; click 👁️ to reveal.
Press Generate to have its value automatically generated.Validity Period Yes A key's expiration time period. Use to enforce credential rotation and retirement. -
Once all required fields are filled, click Create. The dialog closes and the new key configuration screen is opened. A new key entry will appear immediately in the listing once created.
Key Configuration
Top Bar Controls
- Delete: Permanently removes the selected key. All related entities (applications, models, routes) bound to it may fail.
- JSON Editor (Toggle): Switch between the form-based UI and raw JSON view of the key’s configuration. Use JSON mode for copy-paste or advanced edits.
Keys Rotation
Use Rotation to refresh an existing API key.
- Click any API key to invoke the configuration screen
- Click Rotate.
- Paste or auto-generate a new secret in the Key value field.
- Pick the Validity period. The default expiration period is three months.
- Click Rotate to apply the changes.
Properties
In the Properties tab, you can view and manage all metadata and settings for a specific API key.
| Field | Required | Description & Use Cases |
|---|---|---|
| Name | Yes | A user-friendly identifier of a key. Use meaningful names to tie keys back to projects, environments, or teams. |
| Description | No | A free-form text. Use to document the key’s purpose, owner team, or usage context (e.g. "Used by QH Data Ingestion pipeline"). |
| Project | Yes | Logical project or department grouping (e.g. "QH", "AnalyticsTeam"). Helps organize keys and apply cost/usage reporting by project. |
| Project contact point | No | Email of the responsible person or group. |
| Key value | Yes | The actual secret string used for authentication. Initially hidden - click 👁️ to reveal. Press Copy to copy it to clipboard. |
| Secured | Yes | Toggle to make the key a secured API key. |
Roles
In the Roles tab, you can grant or revoke access to DIAL resources for API keys by associating them with roles. Only clients possessing this key and belonging to one of the assigned roles can invoke protected Models or Applications.
| Column | Description |
|---|---|
| Name | A unique identifier of the role. |
| Description | User-friendly summary of the Role’s purpose. |
Add
- Click + Add (top-right of the Roles Grid).
- Select one or more role in the modal window. Roles are defined in the Access Management → Roles section.
- Confirm to insert them into the table.
Remove
Use to stop associating API keys with roles. To delete a role, go to the Access Management → Roles section.
- Click the actions menu in the role's line.
- Choose Remove in the menu.
JSON Editor
For advanced scenarios of bulk updates, copy/paste between environments, or tweaking settings not exposed in the form UI—you can switch to the JSON Editor in any key's configuration page.
Switching to the JSON Editor
- Navigate to Access Management → Keys, then select the key you want to edit.
- Click the JSON Editor toggle (top-right). The UI reveals the raw JSON.
TIP: You can switch between UI and JSON only if there are no unsaved changes.