You must support creation of multiple API keys per user.
1. Usage of API keys in different environments instead of using the same API key everywhere adds a layer of extra security
2. When you need to generate a new API key for any reason, the service will stop working until you exchange the old API with the new.
Proper API key life cycle works like this:
1. Generate new API key (having two)
2. Change the old API key to new one in your code
3. Delete your old API key
This approach means zero downtime.
You must be logged in to reply to this topic.