Add and manage API keys
Before you can access Harness API, you must obtain an access token that grants access to that API. The access token allows you to make authorized API calls to Harness. These can be created at the Account/Org/Project level.
Before you begin
- Make sure you are an Account Admin to Create, Edit, Delete, and Manage Service Accounts.
For more details on permissions for API Keys, see API Permissions Reference.
Harness API Key
You can create API Keys at Account/Org/Project scope and can get multiple access tokens under them. Harness lets you create two kinds of access tokens:
- Personal Access Token - You can create API Key and generate tokens under it, from your user profile.
- Service Account Token - As an Account Admin, you can create a Service Account with Specified Role Bindings and can then create API Keys and generate tokens under it.
Based on its type, the token would inherit permissions from the User/Service Account role binding.
Create Personal Access Token
To generate a Personal Access Token, you need to first create API Key in your user profile.
- In Harness, navigate to your Profile.
- Click API Key. The API Key settings appear.
- Enter Name, Description, and Tags for your API.
- Click Save. The new API Key is created.
Generate Personal Access Token
- To generate a Token for this API Key, click Token below the API Key you just created.
- In the New Token settings, enter Name, Description, and Tags.
- To set an expiration date for this token, select Set Expiration Date.
- Enter date in Expiration Date (mm/dd/yyyy).
- Click Generate Token.
- Your new Token is generated.
You cannot see this token value after you close this dialog. Make sure to copy and store the generated token value securely.
Create Service Account Token
To generate a Service Access Token, you need to first create a Service Account and create an API Key under it.
- In Harness, click Home.
- In ACCOUNT SETUP, click Access Control.
- Click Service Accounts and then click the service account to which you want to add a new API Key. For step-by-step instructions to add a new Service Account, see Add and Manage Service Accounts.
- In the Service Account's settings page, click API Key.
- In the New API Key settings, enter Name, Description, and Tags.
- Click Save. The new API Key is created.
Generate Service Account Token
- To generate a Token for this API Key, click Token below the API Key you just created.
- In the New Token settings, enter Name, Description, and Tags.
- To set an expiration date for this token, select Set Expiration Date.
- Enter date in Expiration Date (mm/dd/yyyy).
- Click Generate Token.
- Your new Token is generated.
You cannot see this token value after you close this dialog. Make sure to copy and store the generated token value securely.
Edit Token
Edit a Personal Access Token
- In Harness, navigate to your profile.
- In My API Keys, expand the token that you want to edit.
- Click the more options button (︙) next to the token you want to edit.
- Click Edit.
- Follow the steps in Create Personal Access Token to modify any of the configured settings.
Edit a Service Account Token
- In your Harness Account, click Account Settings.
- Click Access Control.
- Click Service Accounts and then click the service account which has the token you want to edit. All the API keys are listed.
- Click the API key whose token you want to edit. You can see the list of all the tokens.
- Click the more options button (︙) next to the token you want to edit.
- Click Edit.
- Follow the steps in Create Service Account Token to modify any of the configured settings.
Rotate Token
It is a recommended security practice to periodically rotate your tokens. You can rotate your tokens in Harness for symmetric encryption.
Rotate a Personal Access Token
- In Harness, navigate to your profile.
- In My API Keys, expand the token that you want to rotate.
- Click the more options button (︙) next to the token you want to rotate.
- Click Rotate Token.
- In the Rotate Token Settings screen enter Expiration Date and click Rotate Token.
- Your new token gets generated. Copy and store the token securely before you close this dialog.
Rotate a Service Account Token
- In Harness, click Home.
- In ACCOUNT SETUP, click Access Control.
- Click Service Accounts and then click the service account which has the token you want to rotate. All the API keys are listed.
- Click the API key whose token you want to rotate. You can see the list of all the tokens.
- Click the more options button (︙) next to the token you want to rotate.
- Click Rotate Token.
- In the Rotate Token Settings screen enter Expiration Date and click Rotate Token.
- Your new token gets generated. Copy and store the token securely before you close this dialog.
Delete Token
Delete a Personal Access Token
- In Harness, navigate to your profile.
- In My API Keys, expand the token that you want to delete.
- Click the more options button (︙) next to the token you want to delete.
- Click Delete.
Delete a Service Account Token
- In Harness, click Home.
- In ACCOUNT SETUP, click Access Control.
- Click Service Accounts and then click the service account which has the token you want to delete. All the API keys are listed.
- Click the API key whose token you want to delete. You can see the list of all the tokens.
- Click the more options button (︙) next to the token you want to delete.
- Click Delete.
Edit API Key
To edit API Key in your user profile, perform the following steps:
- In Harness, navigate to your Profile.
- Your API Keys are listed under My API Keys.
- Click the more options button (︙) next to the API Key that you want to edit.
- Click Edit. The API key settings appear.
- Follow the steps in Create Personal Access Token to modify any of the configured settings.
To edit an API Key in a Service Account, perform the below steps:
- In Harness, click Home.
- In ACCOUNT SETUP, click Access Control.
- Click Service Accounts.
- Click the service account whose API key you want to edit. All the API Keys are listed.
- Click the more options button (︙) next to the API Key that you want to edit.
- Click Edit.
- Follow the steps in Create Service Account Token to modify any of the configured settings.
Delete API Key
To delete an API key from your profile, perform the following steps:
- In Harness, navigate to your Profile.
- Your API Keys are listed under My API Keys.
- Click the more options button (︙) next to the API Key that you want to delete.
- Click Delete.
To delete an API key in a Service Account, perform the below steps:
- In Harness, click Home.
- In ACCOUNT SETUP, click Access Control.
- Click Service Accounts.
- Click the service account whose API key you want to delete. All the API Keys are listed.
- Click the more options button (︙) next to the API Key that you want to delete.
- Click Delete.