Knowledge Base
API DocsIntegrationsPagerDuty UniversityPagerDuty CommonsContact SupportMy Support Tickets

API Access Keys

PagerDuty offers two APIs, each requiring a different type of access key:

  • REST API: Allows third parties to interact with configuration data in your account.
  • Events API: Allows you to add PagerDuty's advanced event and incident management functionality to any system that can make an outbound HTTP connection.

REST API Keys

There are two types of REST API keys:

Both types of REST API keys are 20-character strings. They will produce an error if used with an Events API call.

📘

REST API Availability

The REST API is available to all accounts on current pricing plans. It is not available to some accounts on legacy pricing plans.

Generate a General Access REST API Key

⚠️

Required User Permissions

Admins and Account Owner can create, disable, enable, and delete general access REST API keys.

  1. In the web app, navigate to Integrations Developer Tools API Access Keys.
  2. Click Create New API Key.
  3. Enter a Description to help you identify the key later. Optionally, check Read-only API Key to restrict the key to GET calls only.
  4. Click Create Key.
⚠️

API Key Storage

Store your key in a secure location — this is the only time it is displayed in full. If you lose a key, you must delete it and create a new one.

  1. Click Close.

The key will appear in the API Access Keys table with the following information: description, creation date, API version, access level, and disabled status (including who disabled it and when).

Disable a General Access REST API Key

Disabling a general access REST API key prevents it from working with the REST API. This action does not delete the key — it can be re-enabled at any time.

⚠️

Required User Permissions

Admins and Account Owners can disable general access REST API keys.

  1. In the web app, navigate to Integrations Developer Tools API Access Keys.
  2. In the API Access Keys table, click Disable next to the key you want to disable.
  3. Confirm your selection in the browser alert.

Enable a General Access REST API Key

  1. In the web app, navigate to Integrations Developer Tools API Access Keys.
  2. In the API Access Keys table, click Enable next to the key you want to enable.

Delete a General Access REST API Key

🛑

Irreversible Action

Deleting a general access REST API key permanently removes it from your account and cannot be undone.

⚠️

Required User Permissions

The Account Owner and users with an Admin or Global Admin role can delete general access REST API keys.

  1. In the web app, navigate to Integrations Developer Tools API Access Keys.
  2. In the API Access Keys table, click Remove next to the key you want to delete.
  3. Confirm your selection in the browser alert.

Generate a User Token REST API Key

⚠️

Requirements

If your account has Advanced Permissions, you can create a personal REST API key. Requests made with a personal REST API key are restricted to your own permissions. Any request for an operation you are not permitted to perform will return a 403 Forbidden response.

  1. In the web app, navigate to User Icon My Profile User Settings.
  2. Under API Access, click Create API User Token.
  3. Enter a Description to help you identify the key later.
  4. Click Create Key.
⚠️

API Key Storage

Store your key in a secure location — this is the only time it is displayed in full. If you lose a key, you must delete it and create a new one.

  1. Click Close.

The key will appear in the API Access table with the following information: creation date, last used date, and API version.

Delete a User Token REST API Key

🛑

Irreversible Action

Deleting a personal REST API key permanently removes it from your account and cannot be undone.

⚠️

Required User Permissions

Any user can delete their own keys. Account Owners and Admins can delete other users' personal access keys, as long as the other user is not the Account Owner, an Admin, or a Global Admin.

  1. In the web app, navigate to User Icon My Profile User Settings.
  2. Under API Access, click Remove next to the key you want to delete.
  3. Confirm your selection in the browser alert.

API Scopes

In addition to General Access REST API Keys and User Token REST API Keys, you can generate scoped tokens, which offer more granular control over the objects that users and apps can access. Read Register an App in our developer docs for more information.

Rate Limits

To ensure fair access to REST API resources, PagerDuty enforces rate limits. Read REST API Rate Limits for more information.

Events API Keys

⚠️

Requirements

The Events API is available to all accounts. Any user with a Manager role or above can generate an integration key.

Events API keys are 32-character strings associated with service-level integrations, listed on a service's Integrations tab. Read Services and Integrations for more information on configuring integration keys for the Events API.

Event Orchestration, which centralizes event processing, also uses integration keys for the Events API.

Updated about 10 hours ago

Learn more