API keys

An API key enables an application to interact with Uniform to read and write various entities stored inside Uniform. Permissions are applied by roles to API keys to facilitate additional actions by the application.

info

Only team admins can create, edit and delete API keys.

  1. Open your team page in Uniform at https://uniform.app.

  1. Navigate to Security > API Keys.

  2. Click Add API key.

  3. Enter a value for the field Name.

  4. Specify if the API key should act as a Team admin. When this option is selected, the API key will have access to all project and team settings as well as custom integrations.

    warning

    Only use this option for CLI or CI/CD operations where you need to programmatically manipulate settings and integrations that require team admin access.

  5. Assign which roles should be assigned to the API key for the project(s) you want the API key to have access to.

  6. Click Create.

  7. The following values are displayed:

    ValueDescription
    KeyThe unique API key used to authenticate your application's requests to Uniform. Be sure to keep this value secure.
    ProjectA table displaying all projects this API key can access, along with options to conveniently copy connection details for each project:
    • Copy as .env: Copies environment variables (including API key and project ID) formatted for your .env file. Ideal for easy integration into frontend or backend applications.
    • Copy as mcp.json: Copies MCP Server connection configuration as JSON, used when connecting through the Uniform MCP Server.
    • Copy as Quick Connect: Prepares format for connecting the API key with the Uniform Context Chrome extension.
    • Copy as Project ID: Copies just the project ID for easy reference or configuration elsewhere.

    Make sure to save your API key and connection details

    For security reasons, this is the only time the API key and connection details are displayed. Before you move on to the next step, you must save these values somewhere so you can use them in the future.

    api-key-created
    Create API key

  8. Click Close.

You can modify an API key's project access and role assignments at any time.

  1. In Uniform, navigate to Security > API Keys.
  2. Click the name of the API key you want to modify.
  3. Make changes to the API key settings as needed. See Change project access for details on modifying project and role assignments.
  4. Click Save.

warning

Deleting an API key is a permanent operation. While you can create a new API key with the same settings, you will never get the same key value again.

  1. In Uniform, navigate to Security > API Keys.
  2. Click the name of the API key you want to delete.
  3. Click delete.
  4. Click OK.

    note

    Deleting an API key results in immediate loss of create, update and delete access. It could take up to 2 hours for cached requests to lose read access.

You can add an API key to projects, change its roles, or remove access entirely.

  1. In Uniform, navigate to Security > API Keys.
  2. Click the name of the API key you want to modify.
  3. In the Assign projects & roles section:
    • To add access to a project, find the project and select one or more roles from the dropdown.
    • To change roles on a project, use the dropdown to select or deselect roles.
    • To remove access from a project, click the x next to each assigned role.
  4. Click Save.

tip

An API key can have multiple roles assigned. See combining roles for details.

API keys with with the Team admin permission have unlimited access to your team's settings and all the projects of that team.

The main purpose of such API keys is to enable advanced programmatic automation for CLI or CI/CD operations where you need to manipulate settings and integrations that require team admin access.

These operations include:

  • Managing custom integrations and custom edgehancers using Integration CLI commands
  • Pushing workflows to your team's projects using the CLI
  • Using the Management API to update project settings or manage team members and roles

Security warning

Never use a team admin API key for your frontend applications. Doing so can expose a severe security risk by granting unauthorized access to your team's settings and projects via the compromised API key.

Any team admin API key that has been exposed to the public should be deleted and a new key created.

Use the UNIFORM_CLI_API_KEY environment variable to configure the CLI to use a team admin API key.

Avoid committing team admin API keys to code repositories or sharing them in public channels.

Deprecated feature

Custom permissions have been deprecated as of May 2025. While any existing roles with custom permissions will continue to work, you can no longer create new custom permissions when assigning an API key to a project.

Instead, use roles for a simpler, more maintainable way to manage permissions.

If you have API keys with custom permissions, you should migrate them to use roles. When you remove custom permissions from a project, you can then assign roles to the API key, and the API key inherits the permissions from those roles.

  1. In Uniform, navigate to Security > API Keys.
  2. Click the name of the API key you want to modify.
  3. In the row for the project, click > Remove Custom Permissions.
  4. Click Remove Custom Permissions.
  5. Select the roles you want to assign to the API key.
  6. Click Save.
Last modified
Next
API & SDK