February 25, 2020 By Michelle Kaufman
Martin Smolny
2 min read

What are IBM Cloud API keys?

IBM Cloud API keys are credentials that are associated with a user’s identity in an IBM Cloud account. Only a specific user can create, update, and delete an API key for themself in an account. The API key often acts as both a unique identifier and a secret token for authentication, and it has a set of access privileges that is specific to the user who created it. API keys can be used in the command-line interface (CLI) or as part of automation to log in to applications as a specific user. 

API key cleanup for users removed from an account 

When you remove a user from an account, all of the Identity and Access Management (IAM) access policies for the user are deleted, so the user loses all access to resources in that account. However, previously, the API keys for removed users were not deleted automatically, so API keys still existed for users without access to the account. 

Don’t worry, this wasn’t a security issue because the user’s access is taken away when they are removed from the account. However, before the recent changes, if you happened to add the user back to the account, the API keys they created for themselves were still available to be used again. 

We understand that you might not expect the API keys to be kept after you remove a user, so we updated the way API keys are handled for users that are removed from an account. There is no action or cleanup that you need to do. IBM Cloud now completes the following actions on your behalf when you remove a user from your account:

  • If a user is removed from an account, the API keys are immediately removed.
  • If a user is added back to an account, the API keys that they previously created are no longer available or valid.
  • If a user was removed from an account before this update, we’ll make sure that their API keys are removed too.

Check out the documentation to learn more about API keys in IBM Cloud.

More from Announcements

IBM Hybrid Cloud Mesh and Red Hat Service Interconnect: A new era of app-centric connectivity 

2 min read - To meet customer demands, applications are expected to be performing at their best at all times. Simultaneously, applications need to be flexible and cost effective, and therefore supported by an underlying infrastructure that is equally reliant, performant and secure as the applications themselves.   Easier said than done. According to EMA's 2024 Network Management Megatrends report only 42% of responding IT professionals would rate their network operations as successful.   In this era of hyper-distributed infrastructure where our users, apps, and data…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM and MuleSoft expand global relationship to accelerate modernization on IBM Power 

2 min read - As companies undergo digital transformation, they rely on APIs as the backbone for providing new services and customer experiences. While APIs can simplify application development and deliver integrated solutions, IT shops must have a robust solution to effectively manage and govern them to ensure that response times and costs are kept low for all applications. Many customers use Salesforce’s MuleSoft, named a leader by Gartner® in full lifecycle API management for seven consecutive times, to manage and secure APIs across…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters