API Access Keys

PagerDuty offers two APIs, which require API access keys:

  • REST API: Allows third parties to interact with configuration data in your account.
  • Events API: Allows you to add PagerDuty's advanced event and incident management functionality to any system that can make an outbound HTTP connection.

REST API Keys

There are two types of REST API keys:

Both types of REST API keys are 20-character strings. They will produce an error if they’re used with an Events API call.

📘

REST API Availability

The REST API is available to all customers on current pricing plans. It is not available to some customers on legacy pricing plans.

Generate a General Access REST API Key

🚧

Required User Permissions

Admins and Account Owners can create, disable, enable and delete general access REST API keys.

  1. In the web app, navigate to Integrations API Access Keys under Developer Tools.
  2. Click Create New API Key.
  3. Enter a Description to help you identify the key later.
  • Optionally check Read-only API Key if you’d like the key to only make GET calls.
  1. Click Create Key.

🚧

API Key Storage

This will generate a unique API key. Store it in a secure location, as this is the only time the key is displayed in full. If you lose a key you will need to delete it and create a new one.

  1. Click Close.

The key will appear in the table of API Access keys below, along with some additional information: the description, when it was created, the API version, access level and whether it’s disabled (including who disabled the key and when).

Disable a REST API Access Key

Disabling a general access REST API key means that the key will no longer work with the REST API. However, this action does not delete the key and it can be re-enabled at a later time.

🚧

Required User Permissions

Admins and Account Owners can disable general access REST API keys.

  1. In the web app, navigate to Integrations API Access Keys.
  2. In the table of API access keys, select Disable next to the key you’d like to disable.
  3. Confirm your selection in the browser alert.

Enable a REST API Access Key

  1. In the web app, navigate to Integrations API Access Keys.
  2. In the table of API access keys, select Enable next to the key you’d like to enable.

Delete a REST API Access Key

Deleting a general access REST API key removes the key from your account. This is an irreversible action and a deleted key cannot be recovered. The Account Owner and users with an Admin or Global Admin user role can delete general access REST API keys.

  1. In the web app, navigate to Integrations API Access Keys.
  2. In the table of API access keys, select Remove next to the key you’d like to delete.
  3. Confirm your selection in the browser alert.

Generate a User Token REST API Key

🚧

Requirements

If your account has Advanced Permissions, users can create personal REST API keys. Requests made using personal REST API keys are restricted to the user's permissions. Any client request for an operation that the user is not permitted to perform will result in a 403 Forbidden response.

  1. In the web app, navigate to User Icon My Profile User Settings.
  2. In the section API Access, click Create API User Token.
  3. Enter a Description to help you identify the key later.
  4. Click Create Key.

🚧

API Key Storage

This will generate a unique API key. Store it in a secure location, as this is the only time the key is displayed in full. If you lose a key you will need to delete it and create a new one.

  1. Click Close.

The key will appear in the table below, along with some additional information: when it was created, last used, and the API version.

Delete a User Token REST API Key

Deleting a personal REST API access key removes the key from the user’s account. This is an irreversible action and a deleted key cannot be recovered.

🚧

Required User Permissions

Any user may delete their own keys. Account Owners and Admins can delete other users’ personal access keys, so long as the other user is not the Account Owner, an Admin or Global Admin.

  1. In the web app, navigate to User Icon My Profile User Settings.
  2. In the section API Access, click Remove next to the key you’d like to delete.
  3. Confirm your selection in the browser alert.

API Scopes

In addition to General Access REST API Keys and User Token REST API Keys, you can generate scoped tokens, which offer more granular control over the objects that users and apps can access. Please read our dev docs Register an App for more information.

Rate Limits

In order to ensure fair access to REST API resources, PagerDuty enforces rate limits. Please read REST API Rate Limits for more information.

Events API Keys

🚧

Requirements

The Events API is available to all customers, and any user with a Manager role or above can generate an integration key.

API keys for the Events API are 32-character strings. They are associated with service-level integrations, and are listed on a service’s Integrations tab. Read more about configuring integration keys for the Events API in our Services and Integrations article.

Event Orchestration, which allows you to centralize event processing, also makes use of integration keys for the Events API.