# Api Keys

The **API Keys** section in RUFUS Cloud allows you to generate and manage API keys for integrating your devices and timing software with RUFUS Cloud through the [**RUFUS Public API**](https://help.runonrufus.com/public-api/). This functionality enables you to remotely access and manage your timing devices, offering flexibility and control for all your integration needs.

Each company account can create **up to 10 API keys**, and you can customize permissions to ensure each application gets only the level of access it needs. The API Keys section is accessible by clicking your **email or company name** in the upper right corner of the navigation bar and selecting the **API Keys** tab.

<figure><img src="/files/UBhx0MmyBt9Gt9gTWOOn" alt=""><figcaption><p>Api Keys Tab</p></figcaption></figure>

## **Creating a New API Key**

To create a new API key, follow these steps:

1. **Alias**: Enter an alias for your API key. This is simply a label to help you identify the key's purpose.
2. **Access Type**: Select the appropriate access type for your key:
   * **READ**: Grants permission to call all **GET** methods. The key can read devices, sessions, and passings information.
   * **WRITE**: Grants permission to call all **POST** and **PATCH** methods. The key can bind devices, insert sessions, and add passings.
   * **READ\_WRITE**: Grants permission to call **all methods**, including GET, POST, PATCH, and DELETE.
3. **Unbind Device**: For **WRITE** and **READ\_WRITE** keys, you can toggle the **Allow Unbind Device** option, which grants permission to call the **DELETE** method and remove a device from the account.
4. Click **Create API Key** to generate the key. The new key will then be displayed in the **Active API Keys** list.

### **Managing Active API Keys**

Once an API key is created, it appears in the **Active API Keys** list. Here, you can:

* **View Details**: The list shows the alias, API key, access type, and whether it has permission to unbind devices.
* **Delete Keys**: If an API key is no longer needed, it can be deleted from this list to revoke its permissions.

## **API Permissions Overview**

* **READ**: Grants permission to call all GET methods, which allows the application to read devices, sessions, and passings information.
* **WRITE**: Grants permission to call all POST and PATCH methods, enabling the binding of devices and insertion of sessions and passings.
* **READ\_WRITE**: Provides full access, allowing the application to call all methods (GET, POST, PATCH, DELETE).
* **Unbind Device**: This permission is available only for **WRITE** and **READ\_WRITE** API keys. It allows a device to be deleted from your account by calling the DELETE method.

## **Typical Use Cases**

To illustrate how API keys can be used, here are some examples:

* **Devices (WRITE)**: Create an API key for your custom RFID timing devices, allowing them to bind with RUFUS Cloud and insert session data.
* **Timing App (READ\_WRITE)**: Use an API key for your timing software or manual timing app, granting it full access to read and manage sessions and passings.
* **Classification App (READ)**: Set up an API key for your classification software, enabling it to read data such as device information, sessions, and passings.
* **Admin (READ\_WRITE, Unbind = true)**: Generate an API key for your timing administration dashboard, with full permissions including the ability to unbind devices from your account.

## **Public API Documentation**

To understand more about integrating your systems with RUFUS Cloud, you can access the [**Public API documentation**](https://help.runonrufus.com/public-api/) . This documentation provides details on how to use the different endpoints and methods available.

## **Security and Management**

API keys are a critical part of managing your integration securely and effectively. Ensure that keys are only provided to trusted applications and always delete any keys that are no longer in use to maintain system security. Properly managing your API keys will help keep your data safe and your integrations running smoothly.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.runonrufus.com/rufus-cloud/profile-management/api-keys.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.