GraphQL Summit is back for three days of insights, hands-on learning, and fun to celebrate the GraphQL community. Join us in San Diego Oct 3-5.
Try Apollo Studio

API keys

Every application that sends data to Apollo must use an API key to do so. Apollo Studio enables you to create and manage two types of API keys: graph API keys and personal API keys. Every system that isn't running as part of your local development setup should always use a graph API key.

Graph API keys

A graph API key provides access to a single graph in Apollo Studio. A GraphQL server (such as Apollo Server) can use a graph API key to register its schema and push metrics to Studio.

Create a unique graph API key for each non-development system that communicates with Studio. Doing so enables you to revoke access to a single system without affecting others.

Setting permissions

Unless you have an Enterprise plan, every graph API key provides full access to its associated graph.

If you have an Enterprise plan, you can assign a role to each graph API key you create. If you do, the API key's permissions are limited to that role's permissions.

You can't change a graph API key's role after it's created. Instead, create a new key with the desired role.

Personal API keys

A personal API key provides partial access to every graph in every organization you belong to. A personal API key has the same permissions that your user account has in each of your organizations.

Personal API keys are useful for local development tools (like the Apollo CLI and VS Code extension) to load schemas and other data from Studio.

Edit on GitHub
Build status (preview)
Audit log (enterprise only)