Product Updates
Getting Started
- Overview
- Chargebee Billing Data Centers
- Object Relationship Model
- Developer Resources
- Chargebee Tech Glossary
- Articles and FAQ
Implementing Chargebee
AI in Chargebee
Product Catalog
Subscriptions
Customers
Invoices, Credit Notes and Quotes
Taxes
Hosted Capabilities
- Overview
- Payment Components
- Managing payments with ChargebeeJS
- Mobile-Optimized Hosted Pages
- Articles and FAQ
Site Configuration
- Mandatory Fields
- File Attachments & Comments
- Advanced Filter Options
- Multi-decimal Support
- Configuring Reason Codes
- API Keys
- Time Zone
- Time Machine
- Transfer Configurations
- Articles and FAQ
Reports and Analytics
Integrations
Data Privacy & Security
- Two Factor Authentication
- SAML Single Sign-On
- System for Cross-Domain Identity Management (SCIM)
- EU-GDPR
- Consent Management
- Personal Data Management
- Compliance Certificates
- HIPAA Guidelines
- PCI Recommendations and Integration Types
- Articles and FAQ
Data Operations
API Keys
API Keys are used to authenticate your application and control its access to the Chargebee API.
It is strongly advised to keep API keys secret, especially those that give full access to the API.
To create and configure the API keys, select Settings > Configure Chargebee > API Keys and Webhooks and then click on the API Keys tab. Any existing API keys are listed.
API Keys for Test and Live sites are distinct from each other.
Types of API keys
There are three major types of API keys:
- Full-access key
- Publishable key
- Read-only key
All API keys have site-level context . As such, an API key cannot be restricted to operate within the context of a business entity . However, you can restrict an API operation to work within a business entity context.
Full-access key
A full-access key is used to access all API resources in your Chargebee site. All the resources listed in the API reference can be accessed using this type of key.
The full-access key has three subtypes, each providing different levels of write permissions. The following table summarizes the type of API operations that can be carried out by each subtype:
| Full-access key subtype | Create | Retrieve | Update | Delete |
|---|---|---|---|---|
| All |  | | | |
| Update key |  | | | |
| Write key | | | | |
Publishable Key
This key can only be used to create new subscriptions. You can extend the permissions of this key to more API operations as will be shown next.
The possible API call for a regular Publishable Key is:
You can add the following access levels to a publishable key:
-
Allow Estimate API Calls This gives a publishable key access to Estimates API.
-
Allow read-only access to Product Catalog This gives a publishable key read-only access to the Plans and Addons API.
Note: To prevent misuse, coupons, coupon sets and coupon codes API are not accessible with this key.
All of the Publishable keys are also browser keys, they can be used to make API calls from web browsers. The other types of keys cannot be used as browser keys.
Read-only Key
This type of key has a few sub-types, offering varying levels of read-only access to the Chargebee API.
- Read-only: All This type of key allows you to perform any read-only API call in Chargebee.
- Read-only: Restricted
Depending on the checkboxes selected, this type of key allows read-only access to one or both of the following sets of API groups:
- Allow read-only access to transactional data: Read-only access to the following set of API groups is allowed: Subscriptions, Customers, Payment Sources, Virtual Bank Accounts, Cards, Invoices, Credit Notes, Unbilled Charges, Orders, Gifts, Transactions, Quotes, Addresses and Events
- Allow read-only access to your Product Catalog Read-only access to the Plans and Addons API is allowed.
Note: To prevent misuse, coupons, coupon sets and coupon codes are not accessible with this key.
Create an API key
To create a new API key, click on the Add an API Key button, choose the type of key to create, give it a name and click Create Key.
Whenever an API call triggers an event in Chargebee, the name of the API key is seen in the value of the user attribute.
Disable/delete keys
A key can be disabled or deleted using the more options button on the card for the key.
- Disabling a key prevents any applications using it from making API calls to Chargebee. Disabling allows you to re-enable the key later.
- Deleting a key purges it forever. The same key is never created again.
Note: At least one full access key must be present for a site; you cannot delete all of them.
Like passwords, it is recommended that you periodically replace old keys with new ones. This improves security. While at it, it is always best to first create the new API keys, update all the existing keys on your application with the new keys, and only then delete the old keys from Chargebee.
Discontinued key types
Some key type combinations have been discontinued since and can no longer be created. However, this change is non-breaking. So if such keys were already created by you and are being used, they will continue to work with all their permissions.
Listed below are some examples of key type combinations that have been discontinued:
- Extended Publishable Key without Use from Browser
- Extended Publishable Key + Publishable Key without Use from Browser
- Extended Publishable Key + Read Product Configuration without Use from Browser
- Extended Publishable Key + Read Transactional Data without Use from Browser
- Read Product Configuration with Use from Browser
- Read-only Access + Extended Publishable Key
- Read-only Access + Publishable Key
- Read Transactional Data + Extended Publishable Key + Read Product Configuration without Use from Browser
Was this article helpful?