API Key Management
The AppSentinels API Security Platform enables seamless integration with third-party tools such as SIEM and SOAR through secure API access. To use these APIs, two levels of authentication are required:
API Key (Organization Level)
Scope: Organization-wide. Applies to all APIs across every application within the organization.
Purpose: Can be used to integrate with external systems like log aggregators, ticketing tools, or monitoring platforms.
Multiple Keys: You can create multiple API keys for different use cases, each with unique names and descriptions for easy identification.
How to Create an API Key:
Navigate to Organization → Settings → API Key Management → Create New Key
You will be prompted to:
- Enter a Key Name
-
Define Allowed IP Addresses (e.g., restrict access to specific IPs
or CIDR ranges; use
0.0.0.0/0
to allow all) - Provide a Key Description

API Keys List
Once created, API keys will appear in the API Keys Management table.
API Key values can be copied directly from this list for use in integrations. API Keys can be deleted from this table when they are no longer in use.

The API Key table includes the following columns:
- Key Name
- Description
- Masked Key Value (with options to copy or reveal)
- Allowed IP Addresses
- Action (to delete)
User Key (Application Level)
Scope: Tied to a specific user and application.
Purpose: Adds user-level traceability and control on API usage.
How to Generate a User Key
Navigate to Application → Settings → My Settings → Generate Key
Using the API Keys in Requests
When calling AppSentinels APIs, include both keys in the headers:
Header: apikey → API Key generated at the organization level
Header: x-user-key → User Key generated for the specific application
user
This dual-key approach ensures both organizational and user-level authentication and accountability.