guideAPI secret

# API secret overview

The API secret is used for authentication in the most critical parts of the system where access should be limited. For example, the API secret is used in REST APIs and webhooks mechanisms.

Each environment has one API secret, but it can be changed.

For security reasons, the API secret should be kept in a safe place.

# API secret management

The API secret is available for every environment in the CKEditor Ecosystem customer dashboard for SaaS or in the Management Panel for On-Premises. To find it, please follow the steps below:

  1. From the list of environments select one that you want to manage:

Select environment that you want to manage.

  1. Go to the “API configuration” tab and click the “Refresh” button in the “API secret” section:

The API configuration section with the “Refresh” button in the API secret section.

  1. Read message and click the “Refresh” button to create a new API secret:

The API secret refresh prompt.

  1. Copy the newly generated API secret and save it in a safe place. It will not be possible to display this API secret again.

The API configuration section with the newly created API secret displayed.

If by any chance your API secret is made public, it should be changed immediately by using the “Refresh” button shown in the image above.