Product Updates   Instrumentation  

Safer Client-Side Instrumentation with Honeycomb's Ingest-Only API Keys

By Jason Harley  |   Last modified on February 14, 2024

We're delighted to introduce our new Ingest API Keys, a significant step toward enabling all Honeycomb customers to manage their observability complexity simply, efficiently, and securely. Ingest Keys are currently available for Environment & Services customers, with Classic support and programmatic key management capabilities under development and coming soon!

What are Ingest-Only API Keys?

Ingest-Only API Keys are specialized environment-scoped keys, designed to securely transmit telemetry data, including the optional creation of new datasets. They are:

  • Limited in permissions: Can only be used to write telemetry data, and optionally, to create new datasets.
  • Immutable: Once created, their permissions cannot be altered, making them the safest option for client-side instrumentation.
  • Easily deleted: These keys can be temporarily disabled or permanently deleted in order to help users manage clutter and adhere to certain compliance standards.

Ingest-Only API Keys Screenshot

With the introduction of the new keys, this presents a dual-key system: Ingest Keys (new) and Configuration Keys (pre-existing hybrid ingest+management keys). Here are our recommendations to navigate this system:

  • For data writing tasks, use the new Ingest Keys: They are the safest option, especially for client-side instrumentation, given their immutability and scoped permissions. They include the ability to delete keys, and with programmatic key management coming soon (via a Key Management API), they will be the simplest and most efficient way to manage data writing tasks.
  • For broader, management-oriented tasks, use the pre-existing Configuration Keys: Depending on your compliance policies, consider migrating the ingest tasks performed by your current Configuration Keys to the new Ingest Keys.

What's next

We’re excited to continue building toward our vision of best-in-class API experience. Coming next:

  • Support for Classic customers to use the new Ingest Keys.
  • Programmatic management of new Ingest Keys to enable create, disable, and delete via a Key Management API. At the moment, these functions are only possible within the UI.
  • Exposed metadata on recent usage and activity.

Stay tuned!

 

Related Posts

OpenTelemetry   Instrumentation  

Instrumenting a Demo App With OpenTelemetry and Honeycomb

A few days ago, I was in a meeting with a prospect who was just starting to try out OpenTelemetry. One of the things that...

OpenTelemetry   Instrumentation  

OpenTelemetry Best Practices #2 Agents, Sidecars, Collectors, Coded Instrumentation

For years, we’ve been installing what vendors have referred to as “agents” that reach into our applications and pull out useful telemetry information from them....

OpenTelemetry   Instrumentation  

Avoid Stubbing Your Toe on Telemetry Changes

When you have questions about your software, telemetry data is there for you. Over time, you make friends with your data, learning what queries take...