New Relic has several different APIs that use different API keys. This resource explains our keys, what they're used for, and how to access them.
If you're using a specific API, see the docs for that API to understand which keys are required and recommended. To learn about our APIs, see Introduction to APIs.
Our keys can be broken down into two categories:
There are many ways to get data into New Relic. Here are the API keys used for data ingest:
- License key: our primary ingest key, used for APM ingest, infrastructure monitoring ingest, and our ingest APIs and the integrations that use them.
- Browser key: used for browser monitoring ingest.
- Mobile app token: used for mobile monitoring ingest.
- Insights insert key: an older key that has been mostly deprecated, it has the same functionality as the license key. We recommend using the license key instead.
Here are keys used for querying New Relic data or configuration of features:
- User key, also known as a "personal API key": used for NerdGraph (our GraphQL API) and for accessing REST API endpoints.
- REST API key: used for the REST API but we instead recommend using the user key because it has fewer restrictions.
- Insights query key: used with the Insights query API for querying New Relic data. We recommend using NerdGraph instead of this API.
Our primary key used for data ingest is called the license key, also referenced in the UI and NerdGraph API as
ingest - license. The license key is a 40-character hexadecimal string associated with a New Relic account. Each account in a New Relic organization has its own license key. When you first sign up for New Relic, that creates an organization with a single account, and that account has its own license key. If more accounts are added, each account will have its own license key.
The types of data ingest the license key is used for include:
- APM agent data
- Infrastructure agent data
- Data sent via our core data ingest APIs (Metric API, Trace API, Event API, Log API), and the SDKs and integrations that use those APIs
Because the license key is used for data ingest, we recommend you treat your license key securely, like you would a password. This ensures no unwanted data is sent to your New Relic account. If your license key falls into the wrong hands, an attacker could send fake data to your account, which could trigger false alerts and contaminate your data so that detecting actual issues is more difficult. If you believe a license key has been exposed and has led to unwanted data, work with our Support team.
You can't manage or delete the original license key that was created when an account was initially created. For that, contact New Relic support.
A user key is tied to both a specific New Relic user and a specific account. Our APIs that use this key let a user make queries for any accounts that user has been granted access to.
One of the New Relic API keys that are used for data ingest is the browser key. The browser key allows the ingestion of data from New Relic browser monitoring.
You can't manage or delete an original browser key that was created when your account was created. For that, contact New Relic support.
This key is still in use but we highly recommend using the license key, which can be used for the same things and more.
One of the New Relic API keys used for data ingest is the Insights insert key, also known as an "insert key"). Note that the license key is used for the same functionality and more, which is why we recommend the license key over this key.
Tips on availability and access:
- Because these keys are associated with an account and not a specific user, anyone in the account with access to a key can use it.
- As a best practice for security purposes, we recommend you use different Insights insert keys for different applications or different data sources.
We highly recommend using a user key instead, because that key has fewer restrictions.
Things to consider:
- We recommend using our newer NerdGraph API over the REST API, if possible.
- Requires admin-level user permissions. If you don't have access to the REST API key or the REST API explorer, it might be due to lack of permissions. Talk to your New Relic account manager, or use a user key instead.
- Each New Relic account can have only one REST API key.
To find and manage REST API keys: From the account dropdown, click API keys (get a direct link to the API keys page). Then click REST API key. Before you configure or delete an API key, ensure you are doing so for the correct account.
As of December 4, 2020, all existing admin keys have been migrated to be user keys.
You don’t need to do anything for existing admin keys to remain active. They will be automatically accessible via the API keys UI, labeled as user keys, and granted identical permissions. You can manage them as you would any user key via the same workflow.
All migrated admin keys will have a note that says “Migrated from an admin user key” in the key table, so you’ll be able to find them easily.
Looking for the account ID? See Account ID.
If you need more help, check out these support and learning resources:
- Browse the Explorers Hub to get help from the community and join in discussions.
- Find answers on our sites and learn how to use our support portal.
- Run New Relic Diagnostics, our troubleshooting tool for Linux, Windows, and macOS.
- Review New Relic's and and documentation.