Types of New Relic API keys

New Relic has several types of APIs that require their own type of API keys, based on the data set they can retrieve. This document describes our APIs, the keys required to execute certain functions, and how to manage access to these API keys.

Where to use our API keys

Different APIs use different types of API keys.

When using... ... use this key

NerdGraph (our GraphQL API), which allows you to query most data that New Relic collects and to do some management tasks

Personal API key

Our APIs for event, log, metric, or trace data.

Insert API key

Our REST APIs for Alerts, APM, Browser, Infrastructure alerts, or Mobile REST APIs; and the API Explorer.

REST API key

Admin-only functionality with the REST API and API Explorer; or with the Synthetics API.

Admin’s API key

One of New Relic's query APIs to query data.

Query API key

Personal API key

Requirements and availability:

This API key allows you to use NerdGraph (our GraphQL API). You can use NerdGraph to query entities, see relationships between them, add tags to entities, and more.

Personal API keys are generated on a per-user basis. Each person on your account can have their own personal API key, and these keys should not be shared. This lets you keep track of changes that are made across your organization. You can create and manage personal API keys via the NerdGraph API.

Some users can use these UI options:

Create personal API keys via UI

To generate an API key for a user from the UI:

  1. Click your username in one.newrelic.com and go to Account settings > Users and roles.
  2. Select the user and click the API keys tab.
  3. Select + New API key.
  4. When prompted, confirm key creation.
View personal API keys via UI

You cannot view another user's entire API key, only the first few characters. Restricted users also cannot view their personal API key.

To view your personal API key:

  1. Click your username in one.newrelic.com and go to Account settings > Users and roles.
  2. Select your name from the list of users.
  3. Select the API keys tab to view your personal keys.
Delete personal API keys via UI

To delete a personal API key:

  1. Click your username in one.newrelic.com and go to Account settings > Users and roles.
  2. Select the user.
  3. Select the API keys tab.
  4. Select the delete [trash can icon] icon.

REST API key

Before you can use New Relic's REST API or the API Explorer, you must have a REST API key for your New Relic account. For master accounts with sub-accounts, each sub-account must use its own REST API key.

Only the account owner or admin can generate a REST API key for the account and each sub-account. Then, users in the account or sub-account can use the REST API key to view (but not add, change, or delete) data from the New Relic REST API and API Explorer.

Availability: Each New Relic account can have one REST API key.

Activate REST API key

To activate API access:

  1. Click your username in one.newrelic.com and go to Account settings > API keys.
  2. Select [regenerate icon] Regenerate REST API key.
  3. Select (Show key) to view your account's new REST API key.
  4. Copy your account's REST API key to use with New Relic's REST API.
Regenerate REST API key

To change your account's REST API key:

  1. Select [regenerate icon] Regenerate REST API key.
  2. Confirm the deletion of the previous REST API key by typing DELETION IS FOREVER in the text field.
  3. Select Regenerate.
  4. Copy the new REST API key to use with New Relic's REST API.
View REST API keys

To view REST API keys:

  1. Click your username in one.newrelic.com and go to Account settings > API keys.
  2. Select (Show key).
Delete REST API key

To delete your account's REST API key:

  1. Before you delete an API key, make sure you have the correct account or sub-account.
  2. Click your username in one.newrelic.com and go to Account settings > API keys.
  3. Select the delete [trash can icon] icon for the REST API key.
  4. Confirm the deletion by typing DELETION IS FOREVER in the text field.
  5. Select Delete.

Admin's API key

Requirements and availability:

Use the New Relic Admin user's API key to manage access to the REST API and API Explorer. Users can use the account REST API key to view data with the API Explorer while Owners and Admins can use an Admin user's API key to view, add, change, or delete data.

The Admin user's API key grants full permissions to use the New Relic REST API and API Explorer, including GET > List, POST > Create, PUT > Add or Update, and DELETE functions.

In addition, you must use your Admin API key to manage dashboards using the API Explorer functions, including CREATE > Post, UPDATE > Put, SHOW > Get, SHOW > List, and DELETE functions. Other account users cannot view dashboard data from the API Explorer or use the Dashboard API functions.

Activate Admin user's API key

To activate Admin API access:

  1. Click your username in one.newrelic.com and go to Account settings > API keys.
  2. Next to your name, select the generate [regenerate icon] icon to generate your Admin user's API key.
  3. Select (Show key) to view your new Admin user's API key.
  4. Copy your Admin user's API key to use with New Relic's REST API.
View Admin's API key

An index of Admin user's API keys appears below the account's REST API key. The list includes the Admin's full name and the date their key was last used.

  • You can view your own Admin user's API key: From the Admin index, select (Show key) for your name.
  • You can only view other Admin's names. The keys for all other Admins are partially obscured.
Regenerate Admin user's API key

To change an Admin user's API key:

  1. Select the Admin user's [regenerate icon] Regenerate REST API key icon.
  2. Confirm the deletion of the previous Admin user's API key by typing DELETION IS FOREVER in the text field.
  3. Select Regenerate.
  4. Copy the new Admin user's API key to use with New Relic's REST API.
Delete an Admin's API key

If you delete an Admin from the New Relic account, or change their role from Admin to User or Restricted user, this will also automatically remove their Admin user's API key.

To delete an Admin user's API key:

  1. Before you delete an API key, make sure you have the correct account or sub-account.
  2. Click your username in one.newrelic.com and select Account settings > API keys.
  3. From the list of Admins, locate the person whose key must be deleted.
  4. Select the delete [trash can icon] icon for the REST API key or the Admin user's API key.
  5. Confirm the deletion by typing DELETION IS FOREVER in the text field.
  6. Select Delete.

Insert API key

Tips on availability and access:

  • Because Insert API keys are associated with an account and not a specific user, anyone in the account with access to an Insert API key can use it.
  • As a best practice for security purposes, we recommend you use different Insert API keys for different applications or different data sources.

This key is required for sending data via the Event API, Log API, Metric API, and Trace API, or via our integrations that use these APIs. This key reports custom data to New Relic, including event, log, metric, or trace data. Once your custom data is sent to us, you can query and visualize that data.

Generate an Insert API key

To register an Insert API key:

  1. Click your username in one.newrelic.com and select Account settings.
  2. Select API keys, and then select Insights API keys.
  3. Next to the Insert keys heading, select the symbol and follow the instructions.
Edit or delete an Insert API key

To edit or delete an Insert API key:

  1. Click your username in one.newrelic.com and select Account settings.
  2. Select API keys, and then select Insights API keys.
  3. Under Insert Keys, find the key you want to modify. Select Edit or Delete.

Query key

Use this key to query data via New Relic's query APIs. Structure queries including your key based on the specifications for the API you're working with.

Generate a Query key

You must have access to the UIs you plan to query and the correct permissions in order to register or modify a Query key.

Query keys are generated for an account. They are not associated with a specific user. Anyone in the account with access to the Query key can use it.

To register an Query key:

  1. Go to insights.newrelic.com > Manage data > API keys.
  2. Select the plus icon next to the Query keys heading.
  3. Enter a short, clear description of the key.
  4. Select Save your notes.
Edit or delete a Query key

To edit or delete an Query key:

  1. Go to insights.newrelic.com > Manage data > API keys.
  2. Under Query Keys, find the key you want to modify. Select Edit or Delete.

For more help

If you need more help, check out these support and learning resources: