We launched a new app: API Key Manager for Confluence
Friday, January 6, 2023
Kicking things off in 2023, we launched our newest app: API Key Manager for Confluence!
The API Key Manager for Confluence lets you create and manage secure API keys in Confluence Cloud. Using keys created with the API Key Manager for Confluence instaed of the API tokens you would otherwise use with Confluence Cloud brings some important security benefits:
Stand-alone API keys
Unlike API tokens, API keys are not tied to the user that created them. That means you can centrally manage API keys for all scripts and integrations. Keys will also stay valid, even if the user who created them leaves your organization.
Scoped API keys
API keys do not inherit the permissions of the user who created them. Much rather, you can limit what an API key can do, by giving it a list of REST endpoints it is allowed to hit and HTTP verbs (GET, PUT, etc.). This way you can easily create API keys that can only read a single Confluence page or that can only create new content in a single space.
Auto-expiring API keys
All API keys have an expiry date after which the key becomes invalid and needs to be replaced. The default expiry time is 30 days, but you can set any expiry date you need – be it just days or many years into the future. Having an expiry date makes it a lot easier to comply with security best practices and requirements set forward by operation control frameworks, such as SOC 2, HIPAA, or ISO 27001.
We're excited to start the year with the release, but have so much more planned for 2023. Stay tuned!