Use these endpoints to create or delete an API key.
When creating an API key, the key itself is returned in the response body.
Keep your server_side and admin keys private
Never expose
adminandserver_sideAPI keys in untrusted contexts.Do not put your
adminorserver_sideAPI keys in client-side JavaScript or mobile SDKs. Split has specialclient_sideAPI keys that you can use in JavaScript, Android, and iOS.If you accidentally expose your API key, revoke it in the APIs tab in Organization settings or using the Delete an API key endpoint.
Be sure to copy your Admin API Key once it's generated. For security purposes, you won’t see the key again.
API key types
There are three types of keys that can be created:
adminAPI keys are used for access to the Split Admin API endpoints.server_sideAPI keys are recommended to use with SDKs that live in your infrastructure (for example, your servers).client_sideAPI keys are for SDKs living in public environments (for example, browsers or mobile clients).
Admin API Key roles
Roles aim to limit the access and operations a key can perform within Split within two functional areas - Administrative Permissions and Resource (Feature Flag & Segment) Permissions.
Here is a brief overview of the new roles introduced that can be specified while creating an Admin API Key using Split API:
Important
- Roles are not editable, once assigned, they cannot be changed.
- A valid Admin API Key cannot create another Admin API key with more roles than it contains.
- Roles can be combined.
| Role | Description | |
|---|---|---|
| Administrative Permissions | API_ALL_GRANTED | A key with this role grants access to all of your Organization’s settings and resources via Split API. This is the default role if none is specified. Admin API Keys created before Aug 2023 are associated to this role. |
API_APIKEY | A key with this role allows the creation and deletion of other API Keys. | |
API_ADMIN | Reduced Admin capabilities. This role enables administration of the organization via Split API. However, this role excludes permission to manage API Keys and the following resources: feature flags, segments, change requests, tags, and rollout statuses. | |
API_WORKSPACE_ADMIN | Admin capabilities within a workspace, similar to API_ADMIN, but excluding permission to manage users and groups. | |
| Resource Permissions Feature Flags | API_FEATURE_FLAG_VIEWER | View-only access to feature flags including permission to view associated tags, change requests and rollout statuses. |
API_FEATURE_FLAG_EDITOR | Grants access to all feature flag operations including operations related to associated tags, change requests and rollout statuses. | |
| Resource Permissions Segments | API_SEGMENT_VIEWER | View-only access to segments including permission to view associated tags and change requests. |
API_SEGMENT_EDITOR | Grants access to all segment operations including operations related to associated tags and change requests. |
Admin API Key scopes
Admin API Keys can be scoped to different levels of access:
Global- access to all current and future resources across the org.Workspace- access to all current and future resources across a single workspace.Environment- access to all current and future resources across the environments selected.