Skip to content

API Keys

API keys authenticate 10x Engine deployments with the Log10x backend. Each key is a secret credential that should be stored securely.

Lifecycle

graph LR
    A["<div style='font-size: 14px;'>🔐 Login</div><div style='font-size: 10px; text-align: center;'>Identity Provider</div>"] --> B["<div style='font-size: 14px;'>🔑 Generate</div><div style='font-size: 10px; text-align: center;'>Create API Key</div>"]
    B --> C["<div style='font-size: 14px;'>📦 Deploy</div><div style='font-size: 10px; text-align: center;'>Use in Helm/K8s</div>"]
    C --> D["<div style='font-size: 14px;'>🔄 Rotate</div><div style='font-size: 10px; text-align: center;'>Periodic Refresh</div>"]
    D --> B

    classDef login fill:#7c3aed88,stroke:#6d28d9,color:#ffffff,stroke-width:2px,rx:8,ry:8
    classDef generate fill:#2563eb88,stroke:#1d4ed8,color:#ffffff,stroke-width:2px,rx:8,ry:8
    classDef deploy fill:#059669,stroke:#047857,color:#ffffff,stroke-width:2px,rx:8,ry:8
    classDef rotate fill:#ea580c88,stroke:#c2410c,color:#ffffff,stroke-width:2px,rx:8,ry:8

    class A login
    class B generate
    class C deploy
    class D rotate
Step Description
Login Authenticate via your identity provider (Auth0, Okta, Azure AD, etc.)
Generate Create a new API key from the Console - treat as a secret credential
Deploy Pass API key to 10x Engine via Helm values, K8s secrets, or environment variables
Rotate Periodically rotate keys using the Console; old keys are invalidated immediately

Security Best Practices

  • Never commit API keys to version control - use K8s Secrets or AWS Secrets Manager
  • Rotate keys regularly - the Console supports one-click rotation
  • Use separate keys for dev/staging/production environments
  • Limit access - only share keys with team members who need them

Storage Backends

API keys can be stored in different backends depending on your deployment mode:

Backend Use Case Notes
Auth0 app_metadata SaaS mode Zero additional infrastructure
DynamoDB AWS deployments Serverless, auto-scaling
PostgreSQL Self-hosted Full SQL support, transactions
K8s Secrets Air-gapped environments Cloud-native, no external DB

See Authentication for backend configuration details.