Rotate API key without downtime, by having two keys briefly

Some APIs such as AWS allow you to have two working API keys at the same time so that you can rotate in the new one and rotate out the old one without requiring any downtime of your application. I suggest adding a similar feature to Airtable’s API key regeneration procedure so we can rotate API keys without requiring application downtime.

Four different functions:
Create New API key (maximum of two or three keys perhaps)
Enable a disabled key
Disable an enabled key
Delete key

3 Likes

Sounds like a great idea.

The current workaround is to have another account and use the other account’s API key. With multiple API keys per account, you would not have to pay for an additional workspace user just for this functionality.

And if the enable and disable functions are too much trouble to build, just the ability to create a second key before deleting the first key would be very helpful.

Yeah, there are some advantages to this, but when you need to terminate a key instantly because it is threatening or destroying your system, the advantage vanishes; you are going to experience an outage, however brief it may be.

API key switching is not the only way APIs can be interrupted. Imagine a bus manoeuvring the streets of downtown LA using LTE to capture real-time events from its on-board cameras. It’s tracking people, genders, and families onboarding and offboarding. Big buildings often cause little blips in disconnectivity and APIs are impacted greatly - they miss data because requests fail frequently.

Or do they? :wink:

At Stream It, we build resilient APIs that accommodate these common issues. It’s not easy and there are some really complex issues, but it is possible.

But as my earlier thumbs up on this suggestion bears out, the convenience is warranted - no one wants to spend a lot of money and effort to build a resilient API for an Airtable app.

I’m just requesting a feature that would be nice to have. Not saying or implying anything else.