Update: Expanding our new API functionalityPosted Dec 18, 2022 | 3 min. (526 words)
Today we continue on our journey towards being API-first with two new updates – non-expiring tokens and regenerating API keys.
As you may have seen, late last month we made the exciting announcement about the launch of our Public API. Delivering a world-class API is a core focus here at Raygun. We’re on a mission to give you greater control over how you can extract, manipulate, and visualize the powerful insights surfaced in Raygun, so that you can use them in exciting new ways.
The goal of building this API is to give you greater control – and non-expiring tokens offer just that. Instead of having a token expire after a predetermined amount of time (the maximum was previously 90 days), you can now set a token to exist indefinitely. This removes the need to manually remind yourself to renew your token, and avoids any periods of downtime between when a token expires and a new one gets created.
Simply select “No expiration” when creating a new Personal Access Token.
Our recommended workflow is still to test your access to the API with a temporary token first. Once you’re happy that your API is working as expected, then you can create a non-expiring token.
It’s also best practice to document the creation of non-expiring tokens with your wider development team. Ensuring that there are no information silos within your team will ensure that your whole team knows who owns the token in case it needs to be revoked, and to avoid someone else setting up a duplicate access to the API.
Regenerating API keys:
In Raygun, each application requires an API key to send data. This is a unique, and very powerful identifier in your account, which has led many customers to explore manually regenerating these API keys at a regular cadence. By doing so, it minimizes the risk of security vulnerabilities and satisfies internal security requirements. Today, we’re releasing the ability to automatically regenerate these API keys, simplifying this previously manual process.
In order to take full advantage of this functionality, you will need to create your own personal script.
This script should:
- Retrieve a list of all applications
- Iterate through each application you would like to update:
- Initiate a request to regenerate the API key
- Update the old API key with the new key returned
- Test if data can be send using the new API key
While this is an exciting new piece of functionality, remember, with great power comes great responsibility. This API key is the connection between your software and Raygun; meaning if this is done incorrectly it could potentially cause Raygun to stop ingesting your data. So please, do this with care.
As an added little bonus, today, we also released the ability to search for applications via their API key, and added some shiny new UI improvements.
Today’s releases mark exciting new steps on our journey towards being API-first. Our work on the Raygun API is ongoing, and we’d love to hear your feedback on what you think we should build next. If you have any suggestions, please let us know by filling out this form.