Update: On Monday, July 20th, we will be updating how keys are generated and displayed in your Settings. This change will mean it is no longer possible to view your API key in plain text. Any keys you already have will still function. If you need to copy your API key after July 20th, you will simply have to create a new key in the new UI.
We're making these changes to provide you with safer and more granular control over your API access. Changes will include allowing for multiple keys per account and permissions for each key.
Sometimes you'll need an API key to integrate with other apps.
You can find that by navigating to Settings > Integrations & API Keys within FullStory:
Keep your API key secure
It's important to treat your FullStory API key with the same secrecy you use for your passwords. Publicly exposing your key can allow unauthorized access to the FullStory API endpoints, and your FullStory data by a third party. Keep the following in mind to protect your key and your FullStory account:
- Never embed API keys directly in code: API keys embedded in code are easily discoverable by the public. Instead of embedding your API keys in your applications, store them in environment variables or in files outside of your application's source tree.
- Do not store API keys in files inside your application's source tree: If you store API keys in files, keep the files outside your application's source tree to help ensure your keys do not end up in your source code control system. This is particularly important if you use a public source code management system such as GitHub.
- Change your API keys from time to time: You can regenerate API keys from the page referenced above by clicking Regenerate followed by Save Key. Then, update your applications to use the newly-generated keys