Introducing API Key Policy

If your organization has a policy to rotate API keys, Cloudsmith can now help you enforce this using our API Key Policy, a new policy type for Ultra customers.

Using this policy you can:

  • Specify a maximum age for API keys throughout all accounts in your workspace.
  • Enforce optional automatic API key refresh, which will automatically refresh any API keys which exceed the maximum age specified.

Key benefits:

  • Provides an easy and customizable approach to assist with routine rotation of API keys within your workspace.
  • Helps mitigate against keys becoming compromised, by ensuring keys are updated regularly and automatically invalidated when expired.
  • Ensures any requests made to the Cloudsmith API using an expired API key will receive a permission denied response.

If you'd like to give our API Key Policy a try, you can contact us to be added to the Early Access release, or check out API Key Policy for more details.

Keep up to date with our monthly product bulletin