Types of New Relic API keys

New Relic has several types of APIs that require their own type of API keys, based on the data set they can retrieve. This document describes our APIs, the keys required to execute certain functions, and how to manage access to these API keys.

Where to use our API keys

Different APIs use different types of API keys.

When using... ... use this key

NerdGraph (our GraphQL API), which allows you to query most data that New Relic collects and to do some management tasks

Personal API key

Our APIs for event, log, metric, or trace data.

Insert API key

Our REST APIs for Alerts, APM, Browser, Infrastructure alerts, or Mobile REST APIs; and the API Explorer.

REST API key

Admin-only functionality with the REST API and API Explorer; or with the Synthetics API.

Admin’s API key

One of New Relic's query APIs to query data.

X-Query API key

Personal API key

This is the API key that allows you to use NerdGraph (our GraphQL API). You can use NerdGraph to query entities, see relationships between them, add tags to entities, and more.

Personal API keys are generated on a per-user basis. Each person on your account can have their own personal API key, and these keys should not be shared. This lets you keep track of changes that are made across your organization.

You can create and manage personal API keys via the NerdGraph API, or you can use these UI options:

Create personal API keys via UI

To generate an API key for a user from the UI:

  1. Ensure you are the account Owner or Admin on the account.
  2. Go to rpm.newrelic.com > (account dropdown) > Account settings > Account > Users and roles.
  3. Select the user.
  4. Select + New API key.
  5. When prompted, confirm key creation.
View personal API keys via UI

You cannot view another user's entire API key, only the first few characters. Restricted users also cannot view their personal API key.

To view your personal API key:

  1. Go to rpm.newrelic.com > (account dropdown) > Account settings > Account > Users and roles.
  2. Select your name from the list of users.
  3. Select the API keys tab to view your personal keys.
Delete personal API keys via UI

Owner or Admin

Anyone can delete their own personal API key, but to delete another user's personal key you must be an Owner or Admin. To delete a personal API key:

  1. Go to rpm.newrelic.com > (account dropdown) > Account settings > Account > Users and roles.
  2. Select the user.
  3. Select the API keys tab.
  4. Select the delete [trash can icon] icon.

REST API key

Owner or Admins

Before you can use New Relic's REST API or the API Explorer, you must have a REST API key for your New Relic account. For master accounts with sub-accounts, each sub-account must use its own REST API key.

Only the account Owner or Admin can generate a REST API key for the account and each sub-account. Then, users in the account or sub-account can use the REST API key to view (but not add, change, or delete) data from the New Relic REST API and API Explorer.

Availability: Each New Relic account can have one REST API key.

Activate REST API key

To activate API access:

  1. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  2. Select [regenerate icon] Regenerate REST API key.
  3. Select (Show key) to view your account's new REST API key.
  4. Copy your account's REST API key to use with New Relic's REST API.
Regenerate REST API key

To change your account's REST API key:

  1. Select [regenerate icon] Regenerate REST API key.
  2. Confirm the deletion of the previous REST API key by typing DELETION IS FOREVER in the text field.
  3. Select Regenerate.
  4. Copy the new REST API key to use with New Relic's REST API.
View REST API keys

To view REST API keys:

  1. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  2. Select (Show key).
Delete REST API key

To delete your account's REST API key:

  1. Before you delete an API key, make sure you have the correct account or sub-account.
  2. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  3. Select the delete [trash can icon] icon for the REST API key.
  4. Confirm the deletion by typing DELETION IS FOREVER in the text field.
  5. Select Delete.

Admin's API key

Owner or Admin

Availability: Only for individuals in the account or selected sub-account whose roles are Owner or Admin. Each account Owner or Admin can have one personal Admin user's API key per account.

Use the New Relic Admin user's API key to manage access to the REST API and API Explorer. Users can use the account REST API key to view data with the API Explorer while Owners and Admins can use an Admin user's API key to view, add, change, or delete data.

The Admin user's API key grants full permissions to use the New Relic REST API and API Explorer, including GET > List, POST > Create, PUT > Add or Update, and DELETE functions.

In addition, the New Relic account Owner or Admins must use their Admin user's API key to manage Insights dashboards using the API Explorer functions, including CREATE > Post, UPDATE > Put, SHOW > Get, SHOW > List, and DELETE functions. Other account users cannot view dashboard data from the API Explorer or use the Dashboard API functions.

Activate Admin user's API key

To activate Admin API access:

  1. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  2. Next to your name, select the generate [regenerate icon] icon to generate your Admin user's API key.
  3. Select (Show key) to view your new Admin user's API key.
  4. Copy your Admin user's API key to use with New Relic's REST API.
View Admin's API key

An index of Admin user's API keys appears below the account's REST API key. The list includes the Admin's full name and the date their key was last used.

  • You can view your own Admin user's API key: From the Admin index, select (Show key) for your name.
  • You can only view other Admin's names. The keys for all other Admins are partially obscured.
Regenerate Admin user's API key

To change an Admin user's API key:

  1. Select the Admin user's [regenerate icon] Regenerate REST API key icon.
  2. Confirm the deletion of the previous Admin user's API key by typing DELETION IS FOREVER in the text field.
  3. Select Regenerate.
  4. Copy the new Admin user's API key to use with New Relic's REST API.
Delete an Admin's API key

If you delete an Admin from the New Relic account, or change their role from Admin to User or Restricted user, this will also automatically remove their Admin user's API key.

To delete an Admin user's API key:

  1. Before you delete an API key, make sure you have the correct account or sub-account.
  2. From the account dropdown in the New Relic UI, select Account settings > Integrations > API keys.
  3. From the list of Admins, locate the person whose key must be deleted.
  4. Select the delete [trash can icon] icon for the REST API key or the Admin user's API key.
  5. Confirm the deletion by typing DELETION IS FOREVER in the text field.
  6. Select Delete.

Insert API key

Use this key with the Event API, Log API, Metric API, and Trace API.

This key reports custom data to New Relic, including event, log, metric, or trace data. Once your custom data is sent to us, use NRQL to sample, query, and visualize your data.

Generate an Insert API key

You must have access to the Insights UI and the correct permissions (Owner, Admins, or add-on managers) in order to register or modify Insert API key.

Insert API keys are generated for an account. They are not associated with a specific user. Anyone in the account with access to the Insert API key can use it.

If you have an Insights Pro subscription, you can submit multiple event types under a single Insert API key However, to help ensure security, we recommend that you use different keys for different applications or different data sources.

To register an Insert API key:

  1. Go to insights.newrelic.com > cogs Manage data > key API keys.
  2. Next to the Insert keys heading, select the symbol.
  3. Enter a short, clear description for the key.
  4. Select Save your notes.
Edit or delete an Insert API key

To edit or delete an Event API insert key:

  1. Go to insights.newrelic.com > cogs Manage data > key API keys.
  2. Under Insert Keys, find the key you want to modify. Select Edit or Delete.

X-Query key

Use this key to query data via New Relic's query APIs. Structure queries including your key based on the specifications for the API you're working with.

Generate an X-Query key

You must have access to the UIs you plan to query and the correct permissions (Owner, Admins, or add-on managers) in order to register or modify an X-Query key.

X-Query keys are generated for an account. They are not associated with a specific user. Anyone in the account with access to the X-Query key can use it.

To register an X-query key:

  1. Go to insights.newrelic.com > Manage data > API keys.
  2. Select the plus icon next to the Query keys heading.
  3. Enter a short, clear description of the key.
  4. Select Save your notes.
Edit or delete an X-Query key

To edit or delete an X-Query key:

  1. Go to insights.newrelic.com > Manage data > API keys.
  2. Under Query Keys, find the key you want to modify. Select Edit or Delete.

Other keys

Other important New Relic keys include:

For more help

Recommendations for learning more: