Types of New Relic API keys

New Relic provides different APIs that require their own type of API keys, based on the product or feature. This document describes our APIs, the keys required to execute certain functions, and how to manage access to these API keys.

When to use an API key

Different APIs use different types of API keys.

API key type Where it’s used What it does

REST API key

Use with most New Relic APIs and the API Explorer.

The New Relic REST API allows you to interact with data from multiple New Relic products and services, including:

Alerts | APM | Browser | Infrastructure alerts | Labels | Mobile | Plugins

Admin’s API key

Use with the REST API and API Explorer for additional admin-only functionality. Also used with the Synthetics API.

Available only for the account Owner or Admins. The Admin user's API key grants additional permissions with the New Relic REST API and API Explorer.

Personal API key

Use with the NerdGraph GraphiQL explorer.

You can use the NerdGraph GraphiQL explorer to query entities, see relationships between them, add tags to entities, and more. To get started, go to https://api.newrelic.com/graphiql.

Insert API key

Use with the Event API, Log API, Metric API, and Trace API.

Use this key to report custom data to New Relic, including event, log, metric, or trace data. Once your custom data is sent to us, use NRQL to sample, query, and visualize your data.

Query API key

Use with the Query API to query any event data collected by Insights.

For more information on adding or deleting query API keys, see Query Insights event data via API.

REST API Key

Owner or Admins

Before you can use New Relic's REST API or the API Explorer, you must have a REST API key for your New Relic account. For master accounts with sub-accounts, each sub-account must use its own REST API key.

Only the account Owner or Admin can generate a REST API key for the account and each sub-account. Then, users in the account or sub-account can use the REST API key to view (but not add, change, or delete) data from the New Relic REST API and API Explorer.

Availability: Each New Relic account can have one REST API key.

Activate REST API key

To activate API access:

  1. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  2. Select [regenerate icon] Regenerate REST API key.
  3. Select (Show key) to view your account's new REST API key.
  4. Copy your account's REST API key to use with New Relic's REST API.
Regenerate REST API key

To change your account's REST API key:

  1. Select [regenerate icon] Regenerate REST API key.
  2. Confirm the deletion of the previous REST API key by typing DELETION IS FOREVER in the text field.
  3. Select Regenerate.
  4. Copy the new REST API key to use with New Relic's REST API.
View REST API keys

To view REST API keys:

  1. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  2. Select (Show key).
Delete REST API key

To delete your account's REST API key:

  1. Before you delete an API key, make sure you have the correct account or sub-account.
  2. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  3. Select the delete [trash can icon] icon for the REST API key.
  4. Confirm the deletion by typing DELETION IS FOREVER in the text field.
  5. Select Delete.

Admin's API key

Owner or Admin

Availability: Only for individuals in the account or selected sub-account whose roles are Owner or Admin. Each account Owner or Admin can have one personal Admin user's API key per account.

Use the New Relic Admin user's API key to manage access to the REST API and API Explorer. Users can use the account REST API key to view data with the API Explorer while Owners and Admins can use an Admin user's API key to view, add, change, or delete data.

The Admin user's API key grants full permissions to use the New Relic REST API and API Explorer, including GET > List, POST > Create, PUT > Add or Update, and DELETE functions.

In addition, the New Relic account Owner or Admins must use their Admin user's API key to manage Insights dashboards using the API Explorer functions, including CREATE > Post, UPDATE > Put, SHOW > Get, SHOW > List, and DELETE functions. Other account users cannot view dashboard data from the API Explorer or use the Dashboard API functions.

Activate Admin user's API key

To activate Admin API access:

  1. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  2. Next to your name, select the generate [regenerate icon] icon to generate your Admin user's API key.
  3. Select (Show key) to view your new Admin user's API key.
  4. Copy your Admin user's API key to use with New Relic's REST API.
View Admin's API key

An index of Admin user's API keys appears below the account's REST API key. The list includes the Admin's full name and the date their key was last used.

  • You can view your own Admin user's API key: From the Admin index, select (Show key) for your name.
  • You can only view other Admin's names. The keys for all other Admins are partially obscured.
Regenerate Admin user's API key

To change an Admin user's API key:

  1. Select the Admin user's [regenerate icon] Regenerate REST API key icon.
  2. Confirm the deletion of the previous Admin user's API key by typing DELETION IS FOREVER in the text field.
  3. Select Regenerate.
  4. Copy the new Admin user's API key to use with New Relic's REST API.
Delete an Admin's API key

If you delete an Admin from the New Relic account, or change their role from Admin to User or Restricted user, this will also automatically remove their Admin user's API key.

To delete an Admin user's API key:

  1. Before you delete an API key, make sure you have the correct account or sub-account.
  2. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  3. From the list of Admins, locate the person whose key must be deleted.
  4. Select the delete [trash can icon] icon for the REST API key or the Admin user's API key.
  5. Confirm the deletion by typing DELETION IS FOREVER in the text field.
  6. Select Delete.

Personal API key

Personal API keys are generated on a per-user basis, and they can be used with the New Relic GraphQL API.

Availability: Each person on your account can have their own personal API key, and these keys should not be shared. This lets you keep track of changes that are made across your organization.

Generate a user-specific API key

This API key is separate from the New Relic REST API key. To generate an API key for an existing user:

  1. Ensure you are the account Owner or Admin on the account.
  2. Go to rpm.newrelic.com > (account dropdown) > Account settings > Account > Users and roles.
  3. Select the user.
  4. Select + New API key.
  5. When prompted, confirm key creation.
View user-specific keys

You cannot view another user's entire API key, only the first few characters. To view your personal API key:

  1. Go to rpm.newrelic.com > (account dropdown) > Account settings > Account > Users and roles.
  2. Select your name from the list of users.
  3. Select the API keys tab to view your personal keys.
Delete a user-specific key

Owner or Admin

Anyone can delete their own personal API key, but to delete another user's personal key you must be an Owner or Admin. To delete a personal API key:

  1. Go to rpm.newrelic.com > (account dropdown) > Account settings > Account > Users and roles.
  2. Select the user.
  3. Select the API keys tab.
  4. Select the delete [trash can icon] icon.

Insert API key

Use this key with the Event API, Log API, Metric API, and Trace API.

Generate an Insert API key

You must have access to the Insights UI and the correct permissions (Owner, Admins, or add-on managers) in order to register or modify Insert API key.

Insert API keys are generated for an account. They are not associated with a specific user. Anyone in the account with access to the Insert API key can use it.

If you have a paid Insights subscription, you can submit multiple event types under a single Insert API key However, to help ensure security, we recommend that you use different keys for different applications or different data sources.

To register an Insert API key:

  1. Go to insights.newrelic.com > cogs Manage data > key API keys.
  2. Next to the Insert keys heading, select the symbol.
  3. Enter a short description (owner, team, purpose, data source, etc.) for the key.
  4. Select Save your notes.
Edit or delete an Insert API key

To edit or delete an Event API insert key:

  1. Go to insights.newrelic.com > cogs Manage data > key API keys.
  2. Under Insert Keys, locate the key you need to modify. Select Edit or Delete.

For more help

Recommendations for learning more: