# How to create and use API keys in Frends In order to have a basic level of authentication anad authorization enabled for your APIs, API keys can be created, managed and used in Frends for APIs. ## Requirements In order to have access to API key management in Frends, you will need to have Administrator level permissions. At the very least, you should have `ApiKeyManagement.Admin` permission in your role to be able to access and manage API keys. You should also have access to creating and editing API Policies, which is granted by the default Editor role in Frends, or byhaving `ApiPolicy.Edit` permission through a role. ## How to create an API key Start by navigating to **Administration > API Keys** view from the main menu to access API key management. You can create a new API key by clicking **New API Key** button top left.

For each API key you create, you need to specify a name and an Environment the key applies to. The key itself will be generated upon saving the key. The generated key value cannot be changed for an API key, only the Environment and name of the API key can be changed after creation. As a common naming and usage scheme, a key would be created for each Environment, API or a set of APIs, and for each separate actor or system using them. For example, a name of an API key might be "ERP API - Dev - CRM system", if the API is for handling ERP integrations in Development Environment, and for CRM system to use to call the API. This would separate it for example from a webstore platform's API key to use the ERP API, which might be "ERP API - Test - Webstore" instead.

In order to actually use the created keys, we need to add them to an API Policy in order to connect them with an API. ## How to use API keys in APIs After you have created an API key or a set of API keys, we need to head over to **APIs > API Policies** page to set them up for our APIs. In order to [learn more about creating API Policies, you can check out the guide for it](/guides/api-management/setting-up-api-policies.md). With new or existing API Policy, make sure **Public access** is disabled, and then click on **New identity** to add an API key to your Policy. The name requested specifies the **identity** for this Policy and not the API key's name.

Setting up an identity to use API key for an API.

With API key identity added, you can specify how the API key should be provided in the API calls, as well as which API keys can access the APIs using this API Policy and identity. When using multiple API keys in the same identity, they will share the throttling settings you can set up for an identity.

Two of the example API keys added to the same identity.

If there's a need to separate different users to different identities for throttling or other reasons, you can simply create another identity and add the other API keys there. Note that the API key usage method (header or query parameter) will be shared for all identities.

Separate identities for separate users of the API.

Because the API keys themselves contain the value which Environment the keys apply to, there is no selection for the targeted Agent Group for API key identities. Remember to click on **Save Changes** in order to save the API Policy. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.frends.com/guides/api-management/how-to-create-and-use-api-keys-in-frends.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.