Dashboard
Create, scope, rotate, and revoke the API keys used by the current proxy routes.
API Keys
API keys authenticate requests to Souma's validation routes. In the current dashboard they live at Integration > API Keys.
Generating a key
- Navigate to your dashboard
- Go to Integration > API Keys
- Click Generate new key
- Name the key by environment or service
- Copy and securely store the raw key
Important: API keys are shown only once at creation. Store them securely before closing the dialog.
Key permissions
| Scope | Description |
|---|---|
provenance:read | Read provenance-related records |
provenance:write | Write provenance-related records |
validation:read | Read validation results |
validation:write | Submit RtU checks |
Usage monitoring
The current UI focuses on operational management rather than deep key analytics. Use the dashboard to confirm status, created time, and scope assignment, then monitor request behavior from your service logs or proxy metrics.
Rotation pattern
- create a replacement key
- update the downstream service or environment secret
- confirm new traffic is healthy
- revoke the old key
When teams usually need a new key
- a new deployment environment
- a new internal service
- a suspected exposure
- a scope change between read-only and write access
Revoking a key
If a key is compromised:
- Go to Integration > API Keys
- Find the compromised key
- Click Revoke
- Generate a new key and update your applications