API Keys
API keys provide programmatic access to your Zenfra organization. Use them for CI/CD pipelines, automation scripts, or any system that needs to interact with Zenfra without a user session.
Overview
API keys are scoped to your organization and assigned a role that determines what actions they can perform. Each key has a prefix (e.g., zenfra_9...) for easy identification without exposing the full token.
Managing API keys
Navigate to Organization > API Keys to view and manage your tokens.
API key list
| Column | Description |
|---|---|
| Name | Display name and optional description |
| Role | The access level (Admin or Write) |
| Token Prefix | First characters of the token for identification |
| Expires | When the token expires |
| Last Used | When the token was last used for authentication |
| Usage | Number of times the token has been used |
The list supports searching and filtering by role.
Creating an API key
Click Create API Token and provide:
- Name — a descriptive name (e.g.,
CI Pipeline,Monitoring Script) - Description — optional description of the key's purpose
- Role — the access level to assign
- Expiration — when the key should expire
After creation, the full token value is shown once. Copy and store it securely — it cannot be retrieved again.
Deleting an API key
Click the Delete button next to any key to permanently revoke it. Any systems using the key will immediately lose access.
Security best practices
- Give each key the minimum role required for its purpose
- Set expiration dates appropriate for the use case
- Rotate keys periodically
- Use descriptive names so you can identify what each key is used for
- Delete keys that are no longer in use