API Keys
Use graph and personal API keys to authenticate requests
Every system that communicates with Apollo GraphOS must use an API key to do so. GraphOS Studio enables you to create and manage two types of API keys: graph API keys and personal API keys.
Any system that isn't running as part of your local development setup should always use a graph API key.
Graph API keys
A graph API key provides access to interacting with a single graph in GraphOS.
Create a unique graph API key for each non-development system that communicates with GraphOS. Doing so enables you to revoke access to a single system without affecting others.
How to obtain a graph API key
- Go to studio.apollographql.com and click the graph you want to obtain an API key for.
- If a Publish your Schema dialog appears, copy the protected value that appears after
APOLLO_KEY=
in the example code block (it begins withservice:
), and you're all set.Otherwise, proceed to the next step. - Open your graph's Settings page and select the API Keys tab. Click Create New Key. Give your key a name, such as
Production
. This helps you keep track of each API key's use.noteIf you don't see the API Keys tab, you don't have sufficient permissions for your graph. Only organization members with the Org Admin or Graph Admin role can manage graph API keys. Learn more about member roles. - Copy the key's value. For security, you cannot view an API key's value in Studio after creating it.
Setting permissions
Unless you have an Enterprise plan, every graph API key provides full access to its associated graph.
If you have an Enterprise plan, you can assign a role to each graph API key you create. If you do, the API key's permissions are limited to that role's permissions.
You can't change a graph API key's role after it's created. Instead, create a new key with the desired role.
Personal API keys
A personal API key provides partial access to every graph in every organization you belong to. Specifically, it has the same permissions that your user account has in each of those organizations.
Personal API keys are useful for local development tools (like the Rover CLI and the Apollo VS Code extension) to load schemas and other data from GraphOS.
How to obtain a personal API key
- Go to studio.apollographql.com/user-settings.
- In the Personal API Key section, click Create New Key. Give your key a name, such as
Local development laptop
. This helps you keep track of each API key's use. - Copy the key's value. For security, you cannot view an API key's value in Studio after creating it.