Dashboard

API keys

Create, scope, rotate, and revoke operator API keys.

API keys

Use dashboard to manage operator API credentials safely.

Recommended key split

launch key: launch:write
reporting key: read scopes only
webhook admin key: webhooks:read, webhooks:write
staging simulator key: simulator:read, simulator:write

Avoid one all-purpose key unless operationally necessary.

Create flow

choose clear key name by workload
assign minimum scopes
store token in secret manager immediately
test one expected endpoint

See scope list at /docs/reference/scopes.

Rotation flow

create replacement key first
deploy replacement secret to operator systems
verify new key works
revoke old key

Do not revoke old key before replacement is live.

Revocation guidance

Revoke immediately if:

token leaked to logs or chat
token committed to repo
token shared outside approved operators
unknown traffic appears

Troubleshooting

INVALID_API_KEY -> token wrong, revoked, or sent to wrong environment
INSUFFICIENT_SCOPE -> wrong scope set
INVALID_SCOPES during creation -> unsupported scope name

API contract: /docs/operator-api/api-keys
current session introspection: /docs/operator-api/session

Edit this pageorReport an issue

Overview

Operator dashboard surfaces and their purpose.

Wallet adapter settings

Configure the operator wallet adapter for OpenPoly callbacks.