This doc contains tutorials on how to use NerdGraph to programmatically manage some New Relic API keys: the license key, the browser key, and the . For general information about our keys, see API keys.
Overview of feature descriptionYou can use the API keys UI to create and manage keys. Alternatively, you can use NerdGraph's ApiAccess field to programmatically create and manage the following types of keys:
User keys, required for using NerdGraph
Data ingest keys, including:
One common use case for this feature is the ability to rotate keys for security purposes. Note that you can't use this NerdGraph functionality to delete the license key or browser key that was originally created with an account; those original keys can't be deleted. You can only create additional license keys and manage the ones you've created.
Notes about this functionality:
NrAuditEvent that can be queried for auditing purposes. For details, see Audit events.Things to note before using these example queries:
To create multiple keys (user key or ingest key) in a single mutation, for multiple accounts and key types. Note that the mutation can return successfully created keys as well as any errors encountered trying to create keys.
Example of creating a key:
accountId: YOUR_ACCOUNT_ID
... on ApiAccessIngestKey {
... on ApiAccessIngestKeyError {
Results will vary depending on your data. Use the GraphiQL explorer to experiment with mutations and queries.
Here's an example of using this query to create a user key:
To create a user key, you'd change the above query slightly, in the keys section:
keys: { user: { accountId: YOUR_ACCOUNT_ID, userId: YOUR_USER_ID } }
... on ApiAccessIngestKey {
... on ApiAccessIngestKeyError {
The update mutation takes the key ID, not the key string, to identify keys.
ingest: { keyId: KEY_ID, name: "Updated name", notes: "A new note!" }
Results will vary depending on your data. Use the GraphiQL explorer to experiment with mutations and queries.
Delete keysThe delete mutation takes the key ID, not the key string, to identify keys. Deleted keys will no longer grant access to New Relic systems and will no longer be returned by queries to the API access GraphQL API.
apiAccessDeleteKeys(keys: { ingestKeyIds: INGEST_KEY_ID }) {
Results will vary depending on your data. Use the GraphiQL explorer to experiment with mutations and queries.
Query keysYou can access ingest and user keys by querying a single key or all keys, scoped to the actor. If querying for a single key, you must provide the key ID and type (INGEST or USER). Querying for multiple keys is done via a key search, which uses a mandatory types list and an optional scope to filter results. User keys belonging to other users will be obfuscated in the results.
Single key example query:
key(id: "INGEST_KEY_ID", keyType: INGEST) {
... on ApiAccessIngestKey {
Key search example query:
keySearch(query: { types: INGEST, scope: { ingestTypes: BROWSER } }) {
... on ApiAccessIngestKey {
Results will vary depending on your data. Use the GraphiQL explorer to experiment with mutations and queries.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4