Authentication
Issue and rotate credentials without taking the directory offline.
Developer documentation
API keys
Create separate keys for staging and production. Keys are prefix-coded so support can identify leaks quickly without exposing the full secret in tickets.
Scopes
Default to read-only listing scope. Write scopes require a human-reviewed integration checklist—this protects owners from silent profile edits.
Rotation
Rotate secrets with a two-key overlap window. Old keys remain valid for 24 hours while you deploy new environment variables.
Need an integration review? Contact the platform team.