API Documentation
Start typing to searchā€¦

API keys overview

Use these endpoints to create or delete an API key.

šŸš§

Management of admin API keys will be moving

As a part of integrating with Harness,admin API keys will soon be managed by general Harness systems. We recommend against creating any new integrations that manage admin API keys with this endpoint unless it is for a temporary purpose.

The server_side and client_side SDK API keys will continue to be managed using this endpoint.

For more information, go to Before and After Guide: API for Split Admins. You can also contact us at [email protected] and we will be happy to guide you to the best path forward.

When creating an API key, the key itself is returned in the response body.

ā—ļø

Keep your server_side and admin keys private

Never expose admin and server_side API keys in untrusted contexts.

Do not put your admin or server_side API keys in client-side JavaScript or mobile SDKs. Split has special client_side API keys that you can use in JavaScript, Android, and iOS.

If you accidentally expose your API key, revoke it in the APIs tab in Account settings or using the Delete an API key endpoint.

Be sure to copy your Admin API key once it's generated. For security purposes, you wonā€™t see the key again.

In addition to API keys, you can authenticate with Harness personal access tokens (PATs). For more information, see Authentication.

API key types

There are three types of keys that can be created:

  • admin API keys are used for access to the Split Admin API endpoints.
  • server_side API keys are recommended to use with SDKs that live in your infrastructure (for example, your servers).
  • client_side API keys are for SDKs living in public environments (for example, browsers or mobile clients).

Admin API key roles

Roles aim to limit the access and operations a key can perform within Split within two functional areas - Administrative Permissions and Resource (Feature Flag & Segment) Permissions.
Here is a brief overview of the new roles introduced that can be specified while creating an Admin API key using Split API:

šŸš§

Important

  • Roles are not editable, once assigned, they cannot be changed.
  • A valid Admin API key cannot create another Admin API key with more roles than it contains.
  • Roles can be combined.

Role

Description

Administrative Permissions

API_ALL_GRANTED

A key with this role grants access to all of your Account's settings and resources via Split API.
This is the default role if none is specified.
Admin API keys created before Aug 2023 are associated to this role.

API_APIKEY

A key with this role allows the creation and deletion of other API keys.

API_ADMIN

Reduced Admin capabilities.
This role enables administration of the account via Split API. However, this role excludes permission to manage API Keys and the following resources: feature flags, segments, change requests, tags, and rollout statuses.

API_WORKSPACE_ADMIN

Admin capabilities within a project (formerly known as workspace), similar to API_ADMIN, but excluding permission to manage users and groups.

Resource Permissions
Feature Flags

API_FEATURE_FLAG_VIEWER

View-only access to feature flags including permission to view associated tags, change requests and rollout statuses.

API_FEATURE_FLAG_EDITOR

Grants access to all feature flag operations including operations related to associated tags, change requests and rollout statuses.

Resource Permissions
Segments

API_SEGMENT_VIEWER

View-only access to segments including permission to view associated tags and change requests.

API_SEGMENT_EDITOR

Grants access to all segment operations including operations related to associated tags and change requests.

Admin API key scopes

Admin API keys can be scoped to different levels of access:

  • Global - access to all current and future resources across the org.
  • Workspace - access to all current and future resources across a single project (formerly known as workspace).
  • Environment - access to all current and future resources across the environments selected.