Safer Client-Side Instrumentation with Honeycomb's Ingest-Only API Keys

We're delighted to introduce our new Ingest API Keys, a significant step toward enabling all Honeycomb customers to manage their observability complexity simply, efficiently, and securely. Ingest Keys are currently available for Environment & Services customers, with Classic support and programmatic key management capabilities under development and coming soon!

What are Ingest-Only API Keys?

Ingest-Only API Keys are specialized environment-scoped keys, designed to securely transmit telemetry data, including the optional creation of new datasets. They are:

• Limited in permissions: Can only be used to write telemetry data, and optionally, to create new datasets.
• Immutable: Once created, their permissions cannot be altered, making them the safest option for client-side instrumentation.
• Easily deleted: These keys can be temporarily disabled or permanently deleted in order to help users manage clutter and adhere to certain compliance standards.

With the introduction of the new keys, this presents a dual-key system: Ingest Keys (new) and Configuration Keys (pre-existing hybrid ingest+management keys). Here are our recommendations to navigate this system:

• For data writing tasks, use the new Ingest Keys: They are the safest option, especially for client-side instrumentation, given their immutability and scoped permissions. They include the ability to delete keys, and with programmatic key management coming soon (via a Key Management API), they will be the simplest and most efficient way to manage data writing tasks.
• For broader, management-oriented tasks, use the pre-existing Configuration Keys: Depending on your compliance policies, consider migrating the ingest tasks performed by your current Configuration Keys to the new Ingest Keys.

What's next

We’re excited to continue building toward our vision of best-in-class API experience. Coming next:

• Support for Classic customers to use the new Ingest Keys.
• Programmatic management of new Ingest Keys to enable create, disable, and delete via a Key Management API. At the moment, these functions are only possible within the UI.
• Exposed metadata on recent usage and activity.

Stay tuned!